From aa101e59e5bd08304728a015dfef0bf22101fc0c Mon Sep 17 00:00:00 2001
From: Sadie Powell <sadie@witchery.services>
Date: Thu, 24 Dec 2020 20:55:10 +0000
Subject: [PATCH] Push users towards using SSL profiles for SSL config.

---
 docs/conf/inspircd.conf.example | 13 ++++++++-----
 docs/conf/links.conf.example    | 18 ++++++++++--------
 2 files changed, 18 insertions(+), 13 deletions(-)

diff --git a/docs/conf/inspircd.conf.example b/docs/conf/inspircd.conf.example
index 77b7db622..3d16d4eba 100644
--- a/docs/conf/inspircd.conf.example
+++ b/docs/conf/inspircd.conf.example
@@ -141,14 +141,17 @@
       # to this bind section.
       type="clients"
 
-      # ssl: If you want the port(s) in this bind tag to use TLS (SSL), set this to
-      # the name of a custom <sslprofile> tag that you have defined or one
-      # of "openssl", "gnutls", "mbedtls" if you have not defined any. See the
-      # docs page for the TLS (SSL) module you are using for more details.
+      # ssl: If you want the port(s) in this bind tag to use TLS (SSL), set this
+      # to the name of a custom <sslprofile> tag that you have defined. See the
+      # docs page for the TLS (SSL) module you are using for more details:
+      #
+      # GnuTLS:  https://docs.inspircd.org/3/modules/ssl_gnutls#sslprofile
+      # mbedTLS: https://docs.inspircd.org/3/modules/ssl_mbedtls#sslprofile
+      # OpenSSL: https://docs.inspircd.org/3/modules/ssl_openssl#sslprofile
       #
       # You will need to load the ssl_openssl module for OpenSSL, ssl_gnutls
       # for GnuTLS and ssl_mbedtls for mbedTLS.
-      ssl="gnutls"
+      ssl="Clients"
 
       # defer: When this is non-zero, connections will not be handed over to
       # the daemon from the operating system before data is ready.
diff --git a/docs/conf/links.conf.example b/docs/conf/links.conf.example
index c0d2980c7..3b25e86f4 100644
--- a/docs/conf/links.conf.example
+++ b/docs/conf/links.conf.example
@@ -10,7 +10,7 @@
 <bind address="1.2.3.4"
       port="7005"
       type="servers"
-      ssl="gnutls">
+      ssl="Servers">
 
 # Plaintext listener that binds on a TCP/IP endpoint:
 <bind address=""
@@ -56,16 +56,18 @@
       # failover (see above).
       timeout="5m"
 
-      # ssl: If defined, this states the TLS (SSL) profile that will be used when
-      # making an outbound connection to the server. Options are the name of an
-      # <sslprofile> tag that you have defined or one of "openssl", "gnutls",
-      # "mbedtls" if you have not defined any. See the docs page for the TLS (SSL)
-      # module you are using for more details.
+      # ssl: If defined, this states the TLS (SSL) profile that will be used
+      # when making an outbound connection to the server. See the docs page for
+      # the TLS (SSL) module you are using for more details:
+      #
+      # GnuTLS:  https://docs.inspircd.org/3/modules/ssl_gnutls#sslprofile
+      # mbedTLS: https://docs.inspircd.org/3/modules/ssl_mbedtls#sslprofile
+      # OpenSSL: https://docs.inspircd.org/3/modules/ssl_openssl#sslprofile
       #
       # You will need to load the ssl_openssl module for OpenSSL, ssl_gnutls
       # for GnuTLS and ssl_mbedtls for mbedTLS. The server port that you
       # connect to must be capable of accepting this type of connection.
-      ssl="gnutls"
+      ssl="Servers"
 
       # fingerprint: If defined, this option will force servers to be
       # authenticated using TLS (SSL) certificate fingerprints. See
@@ -98,7 +100,7 @@
       port="7000"
       allowmask="203.0.113.0/24 127.0.0.0/8 2001:db8::/32"
       timeout="5m"
-      ssl="gnutls"
+      ssl="Servers"
       bind="1.2.3.4"
       statshidden="no"
       hidden="no"
-- 
2.39.2