mirror of
https://github.com/ergochat/ergo.git
synced 2024-11-25 13:29:27 +01:00
document SNI
This commit is contained in:
parent
aecb28a616
commit
1fc513cef0
@ -49,6 +49,8 @@ server:
|
||||
|
||||
# The standard SSL/TLS port for IRC is 6697. This will listen on all interfaces:
|
||||
":6697":
|
||||
# this is a standard TLS configuration with a single certificate;
|
||||
# see the manual for instructions on how to configure SNI
|
||||
tls:
|
||||
cert: fullchain.pem
|
||||
key: privkey.pem
|
||||
|
@ -49,6 +49,7 @@ _Copyright © Daniel Oaks <daniel@danieloaks.net>, Shivaram Lingamneni <slingamn
|
||||
- [Redirect from plaintext to TLS](#how-can-i-redirect-users-from-plaintext-to-tls)
|
||||
- [Reverse proxies](#reverse-proxies)
|
||||
- [Client certificates](#client-certificates)
|
||||
- [SNI](#sni)
|
||||
- [Modes](#modes)
|
||||
- [User Modes](#user-modes)
|
||||
- [Channel Modes](#channel-modes)
|
||||
@ -606,6 +607,20 @@ Oragono supports authenticating to user accounts via TLS client certificates. Th
|
||||
|
||||
Client certificates are not supported over websockets due to a [Chrome bug](https://bugs.chromium.org/p/chromium/issues/detail?id=329884).
|
||||
|
||||
## SNI
|
||||
|
||||
Oragono supports [SNI](https://en.wikipedia.org/wiki/Server_Name_Indication); this is useful if you have multiple domain names for your server, with different certificates covering different domain names. Configure your TLS listener like this:
|
||||
|
||||
```yaml
|
||||
":6697":
|
||||
tls-certificates:
|
||||
-
|
||||
cert: cert1.pem
|
||||
key: key1.pem
|
||||
-
|
||||
cert: cert2.pem
|
||||
key: key2.pem
|
||||
```
|
||||
|
||||
--------------------------------------------------------------------------------------------
|
||||
|
||||
|
@ -23,6 +23,8 @@ server:
|
||||
|
||||
# The standard SSL/TLS port for IRC is 6697. This will listen on all interfaces:
|
||||
":6697":
|
||||
# this is a standard TLS configuration with a single certificate;
|
||||
# see the manual for instructions on how to configure SNI
|
||||
tls:
|
||||
cert: fullchain.pem
|
||||
key: privkey.pem
|
||||
|
Loading…
Reference in New Issue
Block a user