docs: document ssl_protocols, remove document for disableSSLv3

This commit is contained in:
Koichiro IWAO 2016-12-14 14:50:08 +09:00 committed by metalefty
parent c64e9992e6
commit eefc099df7

View File

@ -95,12 +95,6 @@ Processing Standard 140-1 validated encryption methods.
.I enforces FIPS-compliance mode.
.RE
.TP
\fBdisableSSLv3\fP=\fI[true|false]\fP
If set to \fB1\fP, \fBtrue\fP or \fByes\fP, \fBxrdp\fP will not accept SSLv3 connections.
If not specified, defaults to \fBfalse\fP.
This parameter is effective only if \fBsecurity_layer\fP is set to \fBtls\fP or \fBnegotiate\fP.
.TP
\fBfork\fP=\fI[true|false]\fP
If set to \fB1\fR, \fBtrue\fR or \fByes\fR for each incoming connection \fBxrdp\fR(8) forks a sub-process instead of using threads.
@ -149,6 +143,12 @@ of Standard RDP Security is controlled by \fBcrypt_level\fP.
Negotiate these security methods with clients.
.RE
.TP
\fBssl_protocols\fP=\fI[SSLv3] [TLSv1] [TLSv1.1] [TLSv1.2]\fP
Enables the specified SSL/TLS protocols. Each value should be separated by space.
SSLv2 is always disabled. At least one protocol should be given to accept TLS connections.
This parameter is effective only if \fBsecurity_layer\fP is set to \fBtls\fP or \fBnegotiate\fP.
.TP
\fBtcp_keepalive\fP=\fI[true|false]\fP
Regulate if the listening socket uses socket option \fBSO_KEEPALIVE\fP.