Commit 14822a8b authored by Rainer Jung's avatar Rainer Jung
Browse files

Be more precise. 

docs = CTR.

Backport of r1681034 from 2.4.x.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1681035 13f79535-47bb-0310-9956-ffa450edef68
parent 0d64c581

docs/manual/mod/mod_ssl.xml

+3 −1
Original line number Diff line number Diff line
@@ -2004,7 +2004,9 @@ dd if=/dev/random of=/path/to/file.tkey bs=1 count=48 


<p>Ticket keys should be rotated (replaced) on a frequent basis,

as this is the only way to invalidate an existing session ticket -

OpenSSL currently doesn't allow to specify a limit for ticket lifetimes.</p>

OpenSSL currently doesn't allow to specify a limit for ticket lifetimes.

A new ticket key only gets used after restarting the web server.

All existing session tickets become invalid after a restart.</p>



<note type="warning">

<p>The ticket key file contains sensitive keying material and should