summaryrefslogtreecommitdiff
path: root/doc/reference.conf
diff options
context:
space:
mode:
Diffstat (limited to 'doc/reference.conf')
-rw-r--r--doc/reference.conf19
1 files changed, 19 insertions, 0 deletions
diff --git a/doc/reference.conf b/doc/reference.conf
index 9d12229..4cb5fe2 100644
--- a/doc/reference.conf
+++ b/doc/reference.conf
@@ -457,6 +457,18 @@ operator {
*/
# rsa_public_key_file = "/usr/local/ircd/etc/oper.pub";
+ /*
+ * fingerprint: enhances security by additionally checking the oper's
+ * client certificate fingerprint against the specified fingerprint
+ * below.
+ *
+ * Hint: your users can use the following command to obtain a SHA-256 hash
+ * of their ssl certificate:
+ *
+ * openssl x509 -sha256 -noout -fingerprint -in cert.pem | sed -e 's/^.*=//;s/://g'
+ */
+# fingerprint = "4C62287BA6776A89CD4F8FF10A62FFB35E79319F51AF6C62C674984974FCCB1D";
+
/* class: the class the oper joins when they successfully /oper */
class = "opers";
@@ -600,6 +612,13 @@ connect {
# ssl_cipher_list = "DHE-RSA-AES256-SHA:AES256-SHA";
/*
+ * fingerprint: enhances security by additionally checking the server's
+ * client certificate fingerprint against the specified fingerprint
+ * below.
+ */
+# fingerprint = "4C62287BA6776A89CD4F8FF10A62FFB35E79319F51AF6C62C674984974FCCB1D";
+
+ /*
* autoconn - controls whether we autoconnect to this server or not,
* dependent on class limits. By default, this is disabled.
* ssl - Initiates a TLS/SSL connection.
generated by cgit (git 2.34.1) at 2025-07-15 22:09:44 +0000