ITS#7595 Add Elliptic Curve support for OpenSSL

[openldap] / doc / man / man5 / slapd.conf.5

diff --git a/doc/man/man5/slapd.conf.5 b/doc/man/man5/slapd.conf.5
index 1a895c9d8b89d17adb6122257762098d653444fe..df2c1b151674f04d2a7c95b8ed2a38151fdbd64c 100644 (file)
--- a/doc/man/man5/slapd.conf.5
+++ b/doc/man/man5/slapd.conf.5
@@ -1162,6 +1162,13 @@ are not used.
 When using Mozilla NSS these parameters are always generated randomly
 so this directive is ignored.
 .TP
+.B TLSECName <name>
+Specify the name of a curve to use for Elliptic curve Diffie-Hellman
+ephemeral key exchange.  This is required to enable ECDHE algorithms in
+OpenSSL.  This option is not used with GnuTLS; the curves may be
+chosen in the GnuTLS ciphersuite specification. This option is also
+ignored for Mozilla NSS.
+.TP
 .B TLSProtocolMin <major>[.<minor>]
 Specifies minimum SSL/TLS protocol version that will be negotiated.
 If the server doesn't support at least that version,