document SSL::SSL::SSLContext#set_params use

I use whatever Ruby developers deem to be reasonable defaults. Because compatibility with old systems is still valued, these may not be the safest possible configuration; but ought to be better than what OpenSSL upstream provides by default.
author: Eric Wong <e@80x24.org> 2016-02-29 02:05:35 +0000
committer: Eric Wong <e@80x24.org> 2016-02-29 02:14:22 +0000
commit: 3aba6b86a127954fdcd1c1c51ce66b5731176e50 (patch)
tree: bbaa000ff8119722fae7989d1e486e271ac8a16d
parent: 8e10022604d190746f528d81978456dcef80f67b (diff)
download: yahns-3aba6b86a127954fdcd1c1c51ce66b5731176e50.tar.gz
1 files changed, 1 insertions, 0 deletions
diff --git a/Documentation/yahns_config.pod b/Documentation/yahns_config.pod
index 3b1f2e4..aadd691 100644
--- a/Documentation/yahns_config.pod
+++ b/Documentation/yahns_config.pod
@@ -446,6 +446,7 @@ An example which seems to work is:
    ssl_ctx.key = OpenSSL::PKey::RSA.new(
      IO.read('/etc/ssl/private/example.key')
    )
+  ssl_ctx.set_params # use defaults provided by Ruby on top of OpenSSL
  
    app(:rack, "/path/to/my/app/config.ru") do
      listen 443, ssl_ctx: ssl_ctx
author	Eric Wong <e@80x24.org>	2016-02-29 02:05:35 +0000
committer	Eric Wong <e@80x24.org>	2016-02-29 02:14:22 +0000
commit	3aba6b86a127954fdcd1c1c51ce66b5731176e50 (patch)
tree	bbaa000ff8119722fae7989d1e486e271ac8a16d
parent	8e10022604d190746f528d81978456dcef80f67b (diff)
download	yahns-3aba6b86a127954fdcd1c1c51ce66b5731176e50.tar.gz