Purpose : Used with other docs and files only.
- Copyright (C) 2001-2019 Privoxy Developers https://www.privoxy.org/
+ Copyright (C) 2001-2020 Privoxy Developers https://www.privoxy.org/
See LICENSE.
========================================================================
Sample Configuration File for Privoxy &p-version;
</title>
<para>
-Copyright (C) 2001-2019 Privoxy Developers https://www.privoxy.org/
+Copyright (C) 2001-2020 Privoxy Developers https://www.privoxy.org/
</para>
<literallayout>
If the specified address isn't available on the system, or if the
hostname can't be resolved, <application>Privoxy</application>
will fail to start.
+ On GNU/Linux, and other platforms that can listen on not yet assigned IP
+ addresses, Privoxy will start and will listen on the specified
+ address whenever the IP address is assigned to the system
</para>
<para>
IPv6 addresses containing colons have to be quoted by brackets.
# Define a couple of tags, the described effect requires action sections
# that are enabled based on CLIENT-TAG patterns.
client-specific-tag circumvent-blocks Overrule blocks but do not affect other actions
- disable-content-filters Disable content-filters but do not affect other actions
+ client-specific-tag disable-content-filters Disable content-filters but do not affect other actions
</screen>
</listitem>
</varlistentry>
CA key, the CA certificate and the trusted CAs file
are located.
</para>
+ <para>
+ The permissions should only let &my-app; and the &my-app;
+ admin access the directory.
+ </para>
</listitem>
</varlistentry>
<varlistentry>
in ".crt" format.
</para>
<para>
- It can be generated with: openssl req -new -x509 -extensions v3_ca -keyout cakey.pem -out cacert.crt -days 3650
+ The file is used by &my-app; to generate website certificates
+ when https filtering is enabled with the
+ <literal><ulink url="actions-file.html#ENABLE-HTTPS-FILTERING">enable-https-filtering</ulink></literal>
+ action.
+ </para>
+ <para>
+ &my-app; clients should import the certificate so that they
+ can validate the generated certificates.
+ </para>
+ <para>
+ The file can be generated with:
+ openssl req -new -x509 -extensions v3_ca -keyout cakey.pem -out cacert.crt -days 3650
</para>
</listitem>
</varlistentry>
<listitem>
<para>
This directive specifies the directory where generated
- TLS/SSL keys and certificates are saved.
+ TLS/SSL keys and certificates are saved when https filtering
+ is enabled with the
+ <literal><ulink url="actions-file.html#ENABLE-HTTPS-FILTERING">enable-https-filtering</ulink></literal>
+ action.
+ </para>
+ <para>
+ The keys and certificates currently have to be deleted manually
+ when changing the <ulink url="#CA-CERT-FILE">ca-cert-file</ulink>
+ and the <ulink url="#CA-CERT-KEY">ca-cert-key</ulink>.
+ </para>
+ <para>
+ The permissions should only let &my-app; and the &my-app;
+ admin access the directory.
</para>
</listitem>
</varlistentry>
<listitem>
<para>
This directive specifies the trusted CAs file that is used when validating
- certificates for intercepted TLS/SSL request.
+ certificates for intercepted TLS/SSL requests.
</para>
<para>
An example file can be downloaded from