Revert "Comment out/remove HTTPS-related documentation and examples"

This reverts commit 2ccc72c963.
2024-11-03 04:17:18 -05:00 · 2015-05-23 09:53:03 +02:00 · 2015-05-23 09:53:03 +02:00 · 2016cb5012
commit 2016cb5012
parent 2ccc72c963
2 changed files with 47 additions and 29 deletions
--- a/doc/ezstream.1.in.in
+++ b/doc/ezstream.1.in.in
@ -153,8 +153,8 @@ Transport protocol used to stream to the server:
 .Bl -tag -width HTTPS -compact
 .It Ar HTTP
 Unencrypted HTTP (the default).
-.\" .It Ar HTTPS
-.\" HTTP over TLS.
+.It Ar HTTPS
+HTTP over TLS.
 .El
 .It Sy \&<hostname\ /\&>
 .Pq Mandatory.
@ -172,33 +172,33 @@ Default:
 .It Sy \&<password\ /\&>
 .Pq Mandatory.
 Password to authenticate with on the server.
-.\" .It Sy \&<ca_dir\ /\&>
-.\" Directory in which OpenSSL finds root CA certificates for validating the
-.\" .Ar HTTPS
-.\" server identity.
-.\" .Pp
-.\" Default:
-.\" .Em no server validation
-.\" .It Sy \&<ca_file\ /\&>
-.\" Path of a root CA bundle file for validating the
-.\" .Ar HTTPS
-.\" server identity.
-.\" .Pp
-.\" Default:
-.\" .Em no server validation
-.\" .It Sy \&<client_cert\ /\&>
-.\" X.503 client certificate for authentication on an
-.\" .Ar HTTPS
-.\" server.
-.\" .Pp
-.\" Default:
-.\" .Em no client certificate authentication
-.\" .It Sy \&<client_key\ /\&>
-.\" Private key that matches the public key and certificate in
-.\" .Sy \&<client_cert\ /\&> .
-.\" .Pp
-.\" Default:
-.\" .Em no client certificate authentication
+.It Sy \&<ca_dir\ /\&>
+Directory in which OpenSSL finds root CA certificates for validating the
+.Ar HTTPS
+server identity.
+.Pp
+Default:
+.Em no server validation
+.It Sy \&<ca_file\ /\&>
+Path of a root CA bundle file for validating the
+.Ar HTTPS
+server identity.
+.Pp
+Default:
+.Em no server validation
+.It Sy \&<client_cert\ /\&>
+X.503 client certificate for authentication on an
+.Ar HTTPS
+server.
+.Pp
+Default:
+.Em no client certificate authentication
+.It Sy \&<client_key\ /\&>
+Private key that matches the public key and certificate in
+.Sy \&<client_cert\ /\&> .
+.Pp
+Default:
+.Em no client certificate authentication
 .It Sy \&<reconnect_attempts\ /\&>
 Number of reconnect attempts in case of connection issues with the server,
 or 0
--- a/examples/ezstream-full.xml
+++ b/examples/ezstream-full.xml
@ -26,6 +26,24 @@
    <!-- Login password (check file permissions, or everyone can see this) -->
    <password>hackme</password>

+    <!--
+      Directory to use for server certificate verification in "hash format".
+      See openssl(1)/verify(1) for details:
+      -->
+    <ca_dir>/etc/ssl/certs</ca_dir>
+
+    <!--
+      CA bundle for both server certificate verification and building the
+      client certificate chain.
+      -->
+    <ca_file>/etc/ssl/certs/ca-certificates.crt</ca_file>
+
+    <!-- Client certificate (with public key) for authentication -->
+    <client_cert>/etc/ssl/ezstream.crt</client_cert>
+
+    <!-- Client private key for authentication -->
+    <client_key>/etc/ssl/private/ezstream.key</client_key>
+
    <!-- Number of reconnection attempts, before giving up: -->
    <reconnect_attempts>0</reconnect_attempts>
  </server>