ITS#7595 Add Elliptic Curve support for OpenSSL

[openldap] / doc / man / man5 / slapd-config.5

diff --git a/doc/man/man5/slapd-config.5 b/doc/man/man5/slapd-config.5
index 95621a1f25c649c2dc300aaccffc3d96b4792b52..83b0d32fc794ff0d6ab17784798d5ace9bb3cf54 100644 (file)
--- a/doc/man/man5/slapd-config.5
+++ b/doc/man/man5/slapd-config.5
@@ -931,6 +931,13 @@ are not used.
 When using Mozilla NSS these parameters are always generated randomly
 so this directive is ignored.
 .TP
+.B olcTLSECName: <name>
+Specify the name of a curve to use for Elliptic curve Diffie-Hellman
+ephemeral key exchange.  This is required to enable ECDHE algorithms in
+OpenSSL.  This option is not used with GnuTLS; the curves may be
+chosen in the GnuTLS ciphersuite specification. This option is also
+ignored for Mozilla NSS.
+.TP
 .B olcTLSProtocolMin: <major>[.<minor>]
 Specifies minimum SSL/TLS protocol version that will be negotiated.
 If the server doesn't support at least that version,