Rebuild config file

[privoxy.git] / doc / source / p-config.sgml

diff --git a/doc/source/p-config.sgml b/doc/source/p-config.sgml
index 358e591..a70f459 100644 (file)
--- a/doc/source/p-config.sgml
+++ b/doc/source/p-config.sgml
@@ -4007,7 +4007,18 @@ forward-socks4, forward-socks4a, forward-socks5 and forward-socks5t</title>
     in ".crt" format.
    </para>
    <para>
-    It can be generated with: openssl req -new -x509 -extensions v3_ca -keyout cakey.pem -out cacert.crt -days 3650
+    The file is used by &my-app; to generate website certificates
+    when https filtering is enabled with the
+    <literal><ulink url="actions-file.html#ENABLE-HTTP-FILTERING">enable-https-filtering</ulink></literal>
+    action.
+   </para>
+   <para>
+    &my-app; clients should import the certificate so that they
+    can validate the generated certificates.
+   </para>
+   <para>
+    The file can be generated with:
+    openssl req -new -x509 -extensions v3_ca -keyout cakey.pem -out cacert.crt -days 3650
    </para>
   </listitem>
  </varlistentry>
@@ -4184,7 +4195,10 @@ forward-socks4, forward-socks4a, forward-socks5 and forward-socks5t</title>
   <listitem>
    <para>
     This directive specifies the directory where generated
-    TLS/SSL keys and certificates are saved.
+    TLS/SSL keys and certificates are saved when https filtering
+    is enabled with the
+    <literal><ulink url="actions-file.html#ENABLE-HTTP-FILTERING">enable-https-filtering</ulink></literal>
+    action.
    </para>
    <para>
     The keys and certificates currently have to be deleted manually
@@ -4250,7 +4264,7 @@ forward-socks4, forward-socks4a, forward-socks5 and forward-socks5t</title>
   <listitem>
    <para>
     This directive specifies the trusted CAs file that is used when validating
-    certificates for intercepted TLS/SSL request.
+    certificates for intercepted TLS/SSL requests.
    </para>
    <para>
     An example file can be downloaded from