Improvements to the Jetty documentation.
Added section ids to TLS documentation.

Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
sbordet committed Oct 5, 2020
1 parent 7e75215 commit 9c0f61d
Showing 1 changed file with 5 additions and 0 deletions.
Expand Up @@ -34,6 +34,7 @@ If you enable _both_ the `https` and the `http2` module, you will have a single

TIP: Recall from the xref:og-modules[section about modules], that only modules that are explicitly enabled get their module configuration file (`+*.ini+`) saved in `$JETTY_BASE/start.d/`, and you want `$JETTY_BASE/start.d/ssl.ini` to be present so that you can configure the connector properties, the KeyStore properties and the TLS properties.

[[og-protocols-ssl-customize]]
===== Customizing KeyStore and TLS Configuration

Secure protocols have a slightly more complicated configuration since they require to configure a _KeyStore_.
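Review bot: the anchor `[[og-protocols-ssl-customize]]` added in this hunk is not referenced by any `xref:` in this change, so it is a dead target until something links to it; the existing `xref:og-modules[section about modules]` on the context line shows the convention, so either add the corresponding `xref:og-protocols-ssl-customize[...]` where the section is referred to, or state in the commit message that the ids are intended for external linking.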
Expand Down Expand Up @@ -77,6 +78,7 @@ Refer to the link:{JDURL}/org/eclipse/jetty/util/ssl/SslContextFactory.html[SslC

CAUTION: Use module properties whenever possible, and only resort to use a Jetty XML file for advanced configuration that you cannot do using module properties.

[[og-protocols-ssl-customize-versions]]
====== Customizing TLS Protocol Versions

By default, the SSL protocols (SSL, SSLv2, SSLv3, etc.) are already excluded because they are vulnerable.
Expand All @@ -102,6 +104,7 @@ To explicitly add the exclusion of TLSv1.0 and TLSv1.1 (that are also vulnerable
</Configure>
----

[[og-protocols-ssl-customize-ciphers]]
====== Customizing TLS Ciphers

You can precisely set the list of excluded ciphers, completely overriding Jetty's default, with this XML:
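Review bot: the new `[[og-protocols-ssl-customize-ciphers]]` anchor makes this section a deep-link target, and a reader arriving via the link lands directly on the sentence "completely overriding Jetty's default" without the preceding hunk's CAUTION about preferring module properties over Jetty XML; consider repeating, right under this heading, that the XML replaces the default exclusion list rather than adding to it, so a deep-linked reader does not unknowingly drop the defaults.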
Expand Down Expand Up @@ -161,6 +164,7 @@ $ java -jar $JETTY_HOME/start.jar --add-module=ssl-reload

For more information about the configuration of the `ssl-reload` Jetty module, see xref:og-module-ssl-reload[this section].

[[og-protocols-ssl-conscrypt]]
===== Using Conscrypt as TLS Provider

By default, the standard TLS provider that comes with the JDK is used.
Expand All @@ -177,6 +181,7 @@ To use Conscrypt as the TLS provider just enable the `conscrypt` Jetty module:
$ java -jar $JETTY_HOME/start.jar --add-module=conscrypt
----

[[og-protocols-ssl-sni]]
===== Configuring SNI

Server Name Indication (SNI) is a TLS extension that clients send to indicate what domain they want to connect to during the initial TLS handshake.
