1 files changed, 16 insertions, 2 deletions
diff --git a/doc/chapters/tlsauthentication.inc b/doc/chapters/tlsauthentication.inc
index 4f9c4443..278a3ba5 100644
--- a/doc/chapters/tlsauthentication.inc
+++ b/doc/chapters/tlsauthentication.inc
@@ -135,8 +135,22 @@ both of uncritically @emph{HTTP} parts and secured @emph{HTTPS}.
 You can also use MHD to authenticate the client via SSL/TLS certificates
 (as an alternative to using the password-based Basic or Digest authentication).
 To do this, you will need to link your application against @emph{gnutls}.
-For this, you first need to obtain the raw GnuTLS session handle from 
+Next, when you start the MHD daemon, you must specify the root CA that you're 
-@emph{MHD} using @code{MHD_get_connection_info}.  
+willing to trust:
+@verbatim
+  daemon = MHD_start_daemon (MHD_USE_SELECT_INTERNALLY | MHD_USE_SSL, 
+                             PORT, NULL, NULL,
+                             &answer_to_connection, NULL, 
+                             MHD_OPTION_HTTPS_MEM_KEY, key_pem,
+                             MHD_OPTION_HTTPS_MEM_CERT, cert_pem,
+                             MHD_OPTION_HTTPS_MEM_TRUST, root_ca_pem,
+                             MHD_OPTION_END);
+@end verbatim
+With this, you can then obtain client certificates for each session.
+In order to obtain the identity of the client, you first need to
+obtain the raw GnuTLS session handle from @emph{MHD} using
+@code{MHD_get_connection_info}.
 @verbatim
 #include <gnutls/gnutls.h>

diff --git a/doc/chapters/tlsauthentication.inc b/doc/chapters/tlsauthentication.inc index 4f9c4443..278a3ba5 100644 --- a/doc/chapters/tlsauthentication.inc +++ b/doc/chapters/tlsauthentication.inc
@@ -135,8 +135,22 @@ both of uncritically @emph{HTTP} parts and secured @emph{HTTPS}.
135	You can also use MHD to authenticate the client via SSL/TLS certificates	135	You can also use MHD to authenticate the client via SSL/TLS certificates
136	(as an alternative to using the password-based Basic or Digest authentication).	136	(as an alternative to using the password-based Basic or Digest authentication).
137	To do this, you will need to link your application against @emph{gnutls}.	137	To do this, you will need to link your application against @emph{gnutls}.
138	For this, you first need to obtain the raw GnuTLS session handle from	138	Next, when you start the MHD daemon, you must specify the root CA that you're
139	@emph{MHD} using @code{MHD_get_connection_info}.	139	willing to trust:
		140	@verbatim
		141	daemon = MHD_start_daemon (MHD_USE_SELECT_INTERNALLY \| MHD_USE_SSL,
		142	PORT, NULL, NULL,
		143	&answer_to_connection, NULL,
		144	MHD_OPTION_HTTPS_MEM_KEY, key_pem,
		145	MHD_OPTION_HTTPS_MEM_CERT, cert_pem,
		146	MHD_OPTION_HTTPS_MEM_TRUST, root_ca_pem,
		147	MHD_OPTION_END);
		148	@end verbatim
		149
		150	With this, you can then obtain client certificates for each session.
		151	In order to obtain the identity of the client, you first need to
		152	obtain the raw GnuTLS session handle from @emph{MHD} using
		153	@code{MHD_get_connection_info}.
140		154
141	@verbatim	155	@verbatim
142	#include <gnutls/gnutls.h>	156	#include <gnutls/gnutls.h>