From da915828c44957df6552e016a67ebde1c05c0385 Mon Sep 17 00:00:00 2001 From: Tibor Vass Date: Wed, 22 Oct 2014 08:30:48 -0400 Subject: [PATCH] Docs edits for dropping SSLv3 and under + release notes for 1.3.1 Signed-off-by: Tibor Vass Conflicts: docs/sources/index.md Upstream-commit: f58767aceda453377e4f6913eef8d7fd1912e74b Component: cli --- components/cli/docs/sources/reference/commandline/cli.md | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/components/cli/docs/sources/reference/commandline/cli.md b/components/cli/docs/sources/reference/commandline/cli.md index 4c863ee7bd..a57b4cc28e 100644 --- a/components/cli/docs/sources/reference/commandline/cli.md +++ b/components/cli/docs/sources/reference/commandline/cli.md @@ -112,7 +112,12 @@ direct access to the Docker daemon - and should be secured either using the [built in https encrypted socket](/articles/https/), or by putting a secure web proxy in front of it. You can listen on port `2375` on all network interfaces with `-H tcp://0.0.0.0:2375`, or on a particular network interface using its IP -address: `-H tcp://192.168.59.103:2375`. +address: `-H tcp://192.168.59.103:2375`. It is conventional to use port `2375` +for un-encrypted, and port `2376` for encrypted communication with the daemon. + +> **Note** If you're using an HTTPS encrypted socket, keep in mind that only TLS1.0 +> and greater are supported. Protocols SSLv3 and under are not supported anymore +> for security reasons. On Systemd based systems, you can communicate with the daemon via [systemd socket activation](http://0pointer.de/blog/projects/socket-activation.html), use