doc: mention SSL support dropped for RPC in release notes

2015-08-28 12:20:01 +02:00 · 2015-08-28 12:20:01 +02:00 · 57d85d9bee
commit 57d85d9bee
parent 40b556d374
1 changed files with 23 additions and 0 deletions
--- a/doc/release-notes.md
+++ b/doc/release-notes.md
@ -4,6 +4,29 @@ release-notes at release time)
 Notable changes
 ===============

+SSL support for RPC dropped
+----------------------------
+
+SSL support for RPC, previously enabled by the option `rpcssl` has been dropped
+from both the client and the server. This was done in preparation for removing
+the dependency on OpenSSL for the daemon completely.
+
+Trying to use `rpcssl` will result in an error:
+
+    Error: SSL mode for RPC (-rpcssl) is no longer supported.
+
+If you are one of the few people that relies on this feature, a flexible
+migration path is to use `stunnel`. This is an utility that can tunnel
+arbitrary TCP connections inside SSL. On e.g. Ubuntu it can be installed with:
+
+    sudo apt-get install stunnel4
+
+Then, to tunnel a SSL connection on 28332 to a RPC server bound on localhost on port 18332 do:
+
+    stunnel -d 28332 -r 127.0.0.1:18332 -p stunnel.pem -P ''
+
+It can also be set up system-wide in inetd style.
+
 Random-cookie RPC authentication
 ---------------------------------