</listitem>
</varlistentry>
</variablelist>
-<![%config-file;[<literallayout>@@#default-server-timeout 60</literallayout>]]>
+<![%config-file;[<literallayout>@@#default-server-timeout 5</literallayout>]]>
</sect3>
<sect2 id="tls">
-<title>TLS/SSL Inspection</title>
+<title>TLS/SSL Inspection (Experimental)</title>
<!-- ~~~~~ New section ~~~~~ -->
</listitem>
</varlistentry>
</variablelist>
-<![%config-file;[<literallayout>@@#ca-key-file root.pem</literallayout>]]>
+<![%config-file;[<literallayout>@@#ca-key-file cakey.pem</literallayout>]]>
</sect3>
<!-- ~ End section ~ -->
<term>Specifies:</term>
<listitem>
<para>
- Directory to safe generated keys and certificates.
+ Directory to save generated keys and certificates.
</para>
</listitem>
</varlistentry>
and the <ulink url="#CA-CERT-KEY">ca-cert-key</ulink>.
</para>
<para>
- The permissions should only let &my-app; and the &my-app;
+ The permissions should only let &my-app; and the &my-app;
admin access the directory.
</para>
+ <warning>
+ <para>
+ &my-app; currently does not garbage-collect obsolete keys
+ and certificates and does not keep track of how may keys
+ and certificates exist.
+ </para>
+ <para>
+ &my-app; admins should monitor the size of the directory
+ and/or make sure there is sufficient space available.
+ A cron job to limit the number of keys and certificates
+ to a certain number may be worth considering.
+ </para>
+ </warning>
</listitem>
</varlistentry>
<varlistentry>