Minor clarification as a result of bug 46498

author markt <markt@13f79535-47bb-0310-9956-ffa450edef68>

Fri, 30 Jan 2009 05:35:25 +0000 (05:35 +0000)

committer markt <markt@13f79535-47bb-0310-9956-ffa450edef68>

Fri, 30 Jan 2009 05:35:25 +0000 (05:35 +0000)
author markt <markt@13f79535-47bb-0310-9956-ffa450edef68>
Fri, 30 Jan 2009 05:35:25 +0000 (05:35 +0000)
committer markt <markt@13f79535-47bb-0310-9956-ffa450edef68>
Fri, 30 Jan 2009 05:35:25 +0000 (05:35 +0000)
diff --git a/webapps/docs/ssl-howto.xml b/webapps/docs/ssl-howto.xml

index 5a61d3d..4d8ca91 100644 (file)
--- a/webapps/docs/ssl-howto.xml
+++ b/webapps/docs/ssl-howto.xml
@@ -424,6 +424,9 @@ values, depending on how you configured your keystore earlier:</p>
          all SSL clients to present a client Certificate in order to use
          this socket.  Set this value to <code>want</code> if you want Tomcat
          to request a client Certificate, but not fail if one isn't presented.
+        A <code>false</code> value (which is the default) will not require a
+        certificate chain unless the client requests a resource protected by a
+        security constraint that uses <code>CLIENT-CERT</code> authentication.
      </td>
    </tr>
    <tr><td><code>SSLEnabled</code></td>
author	markt <markt@13f79535-47bb-0310-9956-ffa450edef68>
	Fri, 30 Jan 2009 05:35:25 +0000 (05:35 +0000)
committer	markt <markt@13f79535-47bb-0310-9956-ffa450edef68>
	Fri, 30 Jan 2009 05:35:25 +0000 (05:35 +0000)