Purpose : Used with other docs and files only.
- Copyright (C) 2001-2019 Privoxy Developers https://www.privoxy.org/
+ Copyright (C) 2001-2020 Privoxy Developers https://www.privoxy.org/
See LICENSE.
========================================================================
Sample Configuration File for Privoxy &p-version;
</title>
<para>
-Copyright (C) 2001-2019 Privoxy Developers https://www.privoxy.org/
+Copyright (C) 2001-2020 Privoxy Developers https://www.privoxy.org/
</para>
<literallayout>
The available debug levels are:
</para>
<programlisting>
- debug 1 # Log the destination for each request &my-app; let through. See also debug 1024.
+ debug 1 # Log the destination for each request. See also debug 1024.
debug 2 # show each connection status
debug 4 # show I/O status
debug 8 # show header parsing
If your system implements
<ulink url="http://tools.ietf.org/html/rfc3493">RFC 3493</ulink>, then
<replaceable class="parameter">src_addr</replaceable> and <replaceable
- class="parameter">dst_addr</replaceable> can be IPv6 addresses delimeted by
+ class="parameter">dst_addr</replaceable> can be IPv6 addresses delimited by
brackets, <replaceable class="parameter">port</replaceable> can be a number
or a service name, and
<replaceable class="parameter">src_masklen</replaceable> and
<listitem>
<para>
Under high load incoming connection may queue up before Privoxy
- gets around to serve them. The queue length is limitted by the
+ gets around to serve them. The queue length is limited by the
operating system. Once the queue is full, additional connections
are dropped before Privoxy can accept and serve them.
</para>
<para>
Increasing the queue length allows Privoxy to accept more
- incomming connections that arrive roughly at the same time.
+ incoming connections that arrive roughly at the same time.
</para>
<para>
Note that Privoxy can only request a certain queue length,
CA key, the CA certificate and the trusted CAs file
are located.
</para>
+ <para>
+ The permissions should only let &my-app; and the &my-app;
+ admin access the directory.
+ </para>
</listitem>
</varlistentry>
<varlistentry>
in ".crt" format.
</para>
<para>
- It can be generated with: openssl req -new -x509 -extensions v3_ca -keyout cakey.pem -out cacert.crt -days 3650
+ The file is used by &my-app; to generate website certificates
+ when https inspection is enabled with the
+ <literal><ulink url="actions-file.html#HTTPS-INSPECTION">https-inspection</ulink></literal>
+ action.
+ </para>
+ <para>
+ &my-app; clients should import the certificate so that they
+ can validate the generated certificates.
+ </para>
+ <para>
+ The file can be generated with:
+ openssl req -new -x509 -extensions v3_ca -keyout cakey.pem -out cacert.crt -days 3650
</para>
</listitem>
</varlistentry>
<listitem>
<para>
This directive specifies the directory where generated
- TLS/SSL keys and certificates are saved.
+ TLS/SSL keys and certificates are saved when https inspection
+ is enabled with the
+ <literal><ulink url="actions-file.html#HTTPS-INSPECTION">https-inspection</ulink></literal>
+ action.
+ </para>
+ <para>
+ The keys and certificates currently have to be deleted manually
+ when changing the <ulink url="#CA-CERT-FILE">ca-cert-file</ulink>
+ and the <ulink url="#CA-CERT-KEY">ca-cert-key</ulink>.
+ </para>
+ <para>
+ The permissions should only let &my-app; and the &my-app;
+ admin access the directory.
</para>
</listitem>
</varlistentry>
<listitem>
<para>
This directive specifies the trusted CAs file that is used when validating
- certificates for intercepted TLS/SSL request.
+ certificates for intercepted TLS/SSL requests.
</para>
<para>
An example file can be downloaded from
projects / privoxy.git / blobdiff