|
@@ -92,7 +92,8 @@ mqtt_max_topic_alias.label:
|
|
|
"""Max Topic Alias"""
|
|
"""Max Topic Alias"""
|
|
|
|
|
|
|
|
common_ssl_opts_schema_user_lookup_fun.desc:
|
|
common_ssl_opts_schema_user_lookup_fun.desc:
|
|
|
-"""EMQX-internal callback that is used to lookup pre-shared key (PSK) identity."""
|
|
|
|
|
|
|
+"""EMQX-internal callback that is used to lookup pre-shared key (PSK) identity.</br>
|
|
|
|
|
+Has no effect when TLS version is configured (or negotiated) to 1.3"""
|
|
|
|
|
|
|
|
common_ssl_opts_schema_user_lookup_fun.label:
|
|
common_ssl_opts_schema_user_lookup_fun.label:
|
|
|
"""SSL PSK user lookup fun"""
|
|
"""SSL PSK user lookup fun"""
|
|
@@ -1240,7 +1241,8 @@ The SSL application already takes measures to counter-act such attempts,
|
|
|
but client-initiated renegotiation can be strictly disabled by setting this option to false.
|
|
but client-initiated renegotiation can be strictly disabled by setting this option to false.
|
|
|
The default value is true. Note that disabling renegotiation can result in
|
|
The default value is true. Note that disabling renegotiation can result in
|
|
|
long-lived connections becoming unusable due to limits on
|
|
long-lived connections becoming unusable due to limits on
|
|
|
-the number of messages the underlying cipher suite can encipher."""
|
|
|
|
|
|
|
+the number of messages the underlying cipher suite can encipher.</br>
|
|
|
|
|
+Has no effect when TLS version is configured (or negotiated) to 1.3"""
|
|
|
|
|
|
|
|
server_ssl_opts_schema_client_renegotiation.label:
|
|
server_ssl_opts_schema_client_renegotiation.label:
|
|
|
"""SSL client renegotiation"""
|
|
"""SSL client renegotiation"""
|
|
@@ -1326,7 +1328,8 @@ common_ssl_opts_schema_secure_renegotiate.desc:
|
|
|
"""SSL parameter renegotiation is a feature that allows a client and a server
|
|
"""SSL parameter renegotiation is a feature that allows a client and a server
|
|
|
to renegotiate the parameters of the SSL connection on the fly.
|
|
to renegotiate the parameters of the SSL connection on the fly.
|
|
|
RFC 5746 defines a more secure way of doing this. By enabling secure renegotiation,
|
|
RFC 5746 defines a more secure way of doing this. By enabling secure renegotiation,
|
|
|
-you drop support for the insecure renegotiation, prone to MitM attacks."""
|
|
|
|
|
|
|
+you drop support for the insecure renegotiation, prone to MitM attacks.</br>
|
|
|
|
|
+Has no effect when TLS version is configured (or negotiated) to 1.3"""
|
|
|
|
|
|
|
|
common_ssl_opts_schema_secure_renegotiate.label:
|
|
common_ssl_opts_schema_secure_renegotiate.label:
|
|
|
"""SSL renegotiate"""
|
|
"""SSL renegotiate"""
|
|
@@ -1361,7 +1364,8 @@ mqtt_max_packet_size.label:
|
|
|
"""Max Packet Size"""
|
|
"""Max Packet Size"""
|
|
|
|
|
|
|
|
common_ssl_opts_schema_reuse_sessions.desc:
|
|
common_ssl_opts_schema_reuse_sessions.desc:
|
|
|
-"""Enable TLS session reuse."""
|
|
|
|
|
|
|
+"""Enable TLS session reuse.</br>
|
|
|
|
|
+Has no effect when TLS version is configured (or negotiated) to 1.3"""
|
|
|
|
|
|
|
|
common_ssl_opts_schema_reuse_sessions.label:
|
|
common_ssl_opts_schema_reuse_sessions.label:
|
|
|
"""TLS session reuse"""
|
|
"""TLS session reuse"""
|
Ivan Dyachkov