From: Magnus Hagander <magnus@hagander.net>
Date: Sun, 27 Nov 2016 16:10:02 +0000 (+0100)
Subject: Mention server start requirement for ssl parameters
X-Git-Tag: REL_10_BETA1~1364
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=c6dbc7b65175f791b8e63a1970ee6b6f68ebec09;p=postgresql

Mention server start requirement for ssl parameters

Fix that the documentation for three ssl related parameters did not
specify that they can only be changed at server start.

Michael Paquier
---

diff --git a/doc/src/sgml/config.sgml b/doc/src/sgml/config.sgml
index dcd06634fe..d8d207e5eb 100644
--- a/doc/src/sgml/config.sgml
+++ b/doc/src/sgml/config.sgml
@@ -1048,7 +1048,8 @@ include_dir 'conf.d'
         in the <application>OpenSSL</> package for the syntax of this setting
         and a list of supported values.  The default value is
         <literal>HIGH:MEDIUM:+3DES:!aNULL</>.  It is usually reasonable,
-        unless you have specific security requirements.
+        unless you have specific security requirements.  This parameter can only
+        be set at server start.
        </para>
 
        <para>
@@ -1120,7 +1121,8 @@ include_dir 'conf.d'
       <listitem>
        <para>
         Specifies whether to use the server's SSL cipher preferences, rather
-        than the client's.  The default is true.
+        than the client's.  The default is true.  This parameter can only be
+        set at server start.
        </para>
 
        <para>
@@ -1144,7 +1146,8 @@ include_dir 'conf.d'
         Specifies the name of the curve to use in <acronym>ECDH</> key
         exchange.  It needs to be supported by all clients that connect.
         It does not need to be same curve as used by server's Elliptic
-        Curve key.  The default is <literal>prime256v1</>.
+        Curve key.  The default is <literal>prime256v1</>.  This parameter
+        can only be set at server start.
        </para>
 
        <para>