diff --git a/doc/ircd.conf.example b/doc/ircd.conf.example index 1e11bd6ff..d0821b221 100644 --- a/doc/ircd.conf.example +++ b/doc/ircd.conf.example @@ -61,12 +61,12 @@ serverinfo { /* for IPv6 */ #vhost6 = "2001:db8:2::6"; - /* ssl_private_key: our ssl private key */ - ssl_private_key = "etc/ssl.key"; - - /* ssl_cert: certificate for our ssl server */ + /* ssl_cert: certificate (and optionally key) for our ssl server */ ssl_cert = "etc/ssl.pem"; + /* ssl_private_key: our ssl private key (if not contained in ssl_cert file) */ + #ssl_private_key = "etc/ssl.key"; + /* ssl_dh_params: DH parameters, generate with openssl dhparam -out dh.pem 2048 * In general, the DH parameters size should be the same as your key's size. * However it has been reported that some clients have broken TLS implementations which may diff --git a/doc/reference.conf b/doc/reference.conf index d0b17bb0a..b8e99f837 100644 --- a/doc/reference.conf +++ b/doc/reference.conf @@ -148,12 +148,12 @@ serverinfo { */ #vhost6 = "2001:db7:2::6"; - /* ssl_private_key: our ssl private key */ - ssl_private_key = "etc/ssl.key"; - - /* ssl_cert: certificate for our ssl server */ + /* ssl_cert: certificate (and optionally key) for our ssl server */ ssl_cert = "etc/ssl.pem"; + /* ssl_private_key: our ssl private key (if not contained in ssl_cert file) */ + #ssl_private_key = "etc/ssl.key"; + /* ssl_dh_params: DH parameters, generate with openssl dhparam -out dh.pem 1024 */ ssl_dh_params = "etc/dh.pem";