Correct SSL docs as to the list of ciphers used by default. Add note about export...

git-svn-id: https://svn.apache.org/repos/asf/tomcat/trunk@684922 13f79535-47bb-0310-9956-ffa450edef68

diff --git a/webapps/docs/config/http.xml b/webapps/docs/config/http.xml
index 4a488b0..39ed424 100644 (file)
--- a/webapps/docs/config/http.xml
+++ b/webapps/docs/config/http.xml
@@ -685,8 +685,11 @@
     </attribute>
 
     <attribute name="ciphers" required="false">
-      <p>A comma seperated list of the encryption ciphers that may be used.
-      If not specified, then any available cipher may be used.</p>
+      <p>The comma separated list of encryption ciphers that this socket is 
+      allowed to use. By default, the default ciphers for the JVM will be used.
+      Note that this usually means that the weak export grade ciphers will be
+      included in the list of available ciphers. The ciphers are specified using
+      the JSSE cipher naming convention.</p>
     </attribute>
 
     <attribute name="keyAlias" required="false">

diff --git a/webapps/docs/ssl-howto.xml b/webapps/docs/ssl-howto.xml
index e3e551a..8bc0b33 100644 (file)
--- a/webapps/docs/ssl-howto.xml
+++ b/webapps/docs/ssl-howto.xml
@@ -465,7 +465,10 @@ values, depending on how you configured your keystore earlier:</p>
   <tr>
     <td><code>ciphers</code></td>
     <td>The comma separated list of encryption ciphers that this socket is 
-        allowed to use.  By default, any available cipher is allowed.</td>
+        allowed to use. By default, the default ciphers for the JVM will be
+        used. Note that this usually means that the weak export grade ciphers
+        will be included in the list of available ciphers. The ciphers are
+        specified using the JSSE cipher naming convention.</td>
   </tr>
   <tr>
     <td><code>algorithm</code></td>