aboutsummaryrefslogtreecommitdiff
path: root/doc/release-notes.md
diff options
context:
space:
mode:
Diffstat (limited to 'doc/release-notes.md')
-rw-r--r--doc/release-notes.md23
1 files changed, 23 insertions, 0 deletions
diff --git a/doc/release-notes.md b/doc/release-notes.md
index 9caac4f7ae..2fc601d435 100644
--- a/doc/release-notes.md
+++ b/doc/release-notes.md
@@ -4,6 +4,29 @@ release-notes at release time)
Notable changes
===============
+SSL support for RPC dropped
+----------------------------
+
+SSL support for RPC, previously enabled by the option `rpcssl` has been dropped
+from both the client and the server. This was done in preparation for removing
+the dependency on OpenSSL for the daemon completely.
+
+Trying to use `rpcssl` will result in an error:
+
+ Error: SSL mode for RPC (-rpcssl) is no longer supported.
+
+If you are one of the few people that relies on this feature, a flexible
+migration path is to use `stunnel`. This is an utility that can tunnel
+arbitrary TCP connections inside SSL. On e.g. Ubuntu it can be installed with:
+
+ sudo apt-get install stunnel4
+
+Then, to tunnel a SSL connection on 28332 to a RPC server bound on localhost on port 18332 do:
+
+ stunnel -d 28332 -r 127.0.0.1:18332 -p stunnel.pem -P ''
+
+It can also be set up system-wide in inetd style.
+
Random-cookie RPC authentication
---------------------------------
generated by cgit v1.2.3 (git 2.26.2) at 2024-07-19 16:44:09 +0000