From 411096e548db4b7f9c3c66acddac451108e9937b Mon Sep 17 00:00:00 2001
From: Mark Craig <mark.craig@forgerock.com>
Date: Wed, 05 Jun 2013 15:21:59 +0000
Subject: [PATCH] CR-1796 Fix for OPENDJ-731: Reference documentation for ssl-client-auth-policy values is misleading

---
 opendj-sdk/opends/src/admin/messages/LDAPConnectionHandlerCfgDefn.properties                        |    6 +++---
 opendj-sdk/opends/src/admin/defn/org/opends/server/admin/std/HTTPConnectionHandlerConfiguration.xml |   11 +++++++----
 opendj-sdk/opends/src/admin/messages/LDAPConnectionHandlerCfgDefn_zh_CN.properties                  |    1 -
 opendj-sdk/opends/src/admin/defn/org/opends/server/admin/std/LDAPConnectionHandlerConfiguration.xml |   10 ++++++----
 opendj-sdk/opends/src/admin/messages/HTTPConnectionHandlerCfgDefn.properties                        |    6 +++---
 opendj-sdk/opends/src/admin/messages/LDAPConnectionHandlerCfgDefn_es.properties                     |    1 -
 opendj-sdk/opends/src/admin/messages/LDAPConnectionHandlerCfgDefn_ja.properties                     |    1 -
 opendj-sdk/opends/src/admin/messages/LDAPConnectionHandlerCfgDefn_de.properties                     |    2 +-
 opendj-sdk/opends/src/admin/messages/LDAPConnectionHandlerCfgDefn_ko.properties                     |    6 +++---
 opendj-sdk/opends/src/admin/messages/LDAPConnectionHandlerCfgDefn_fr.properties                     |    2 +-
 opendj-sdk/opends/src/admin/messages/LDAPConnectionHandlerCfgDefn_zh_TW.properties                  |    6 +++---
 11 files changed, 27 insertions(+), 25 deletions(-)

diff --git a/opendj-sdk/opends/src/admin/defn/org/opends/server/admin/std/HTTPConnectionHandlerConfiguration.xml b/opendj-sdk/opends/src/admin/defn/org/opends/server/admin/std/HTTPConnectionHandlerConfiguration.xml
index f23b1da..b6cb400 100644
--- a/opendj-sdk/opends/src/admin/defn/org/opends/server/admin/std/HTTPConnectionHandlerConfiguration.xml
+++ b/opendj-sdk/opends/src/admin/defn/org/opends/server/admin/std/HTTPConnectionHandlerConfiguration.xml
@@ -326,6 +326,8 @@
       Specifies the policy that the
       <adm:user-friendly-name />
       should use regarding client SSL certificates.
+      Clients can use the SASL EXTERNAL mechanism only if the
+      policy is set to "optional" or "required".
     </adm:synopsis>
     <adm:description>
       This is only applicable if clients are allowed to use SSL.
@@ -342,7 +344,7 @@
       <adm:enumeration>
         <adm:value name="disabled">
           <adm:synopsis>
-            Clients are not required to provide their own
+            Clients must not provide their own
             certificates when performing SSL negotiation.
           </adm:synopsis>
         </adm:value>
@@ -356,9 +358,10 @@
         </adm:value>
         <adm:value name="required">
           <adm:synopsis>
-            Clients are required to provide their own certificates
-            when performing SSL negotiation and are refused access
-            if the do not provide a certificate.
+            Clients are requested to provide their own certificates
+            when performing SSL negotiation. The connection is
+            nevertheless accepted if the client does not provide a
+            certificate.
           </adm:synopsis>
         </adm:value>
       </adm:enumeration>
diff --git a/opendj-sdk/opends/src/admin/defn/org/opends/server/admin/std/LDAPConnectionHandlerConfiguration.xml b/opendj-sdk/opends/src/admin/defn/org/opends/server/admin/std/LDAPConnectionHandlerConfiguration.xml
index 82a73d4..3591c37 100644
--- a/opendj-sdk/opends/src/admin/defn/org/opends/server/admin/std/LDAPConnectionHandlerConfiguration.xml
+++ b/opendj-sdk/opends/src/admin/defn/org/opends/server/admin/std/LDAPConnectionHandlerConfiguration.xml
@@ -441,6 +441,8 @@
       Specifies the policy that the
       <adm:user-friendly-name />
       should use regarding client SSL certificates.
+      Clients can use the SASL EXTERNAL mechanism only if the
+      policy is set to "optional" or "required".
     </adm:synopsis>
     <adm:description>
       This is only applicable if clients are allowed to use SSL.
@@ -457,15 +459,15 @@
       <adm:enumeration>
         <adm:value name="disabled">
           <adm:synopsis>
-            Clients are not required to provide their own
+            Clients must not provide their own
             certificates when performing SSL negotiation.
           </adm:synopsis>
         </adm:value>
         <adm:value name="optional">
           <adm:synopsis>
             Clients are requested to provide their own certificates
-            when performing SSL negotiation, but still accept the
-            connection even if the client does not provide a
+            when performing SSL negotiation. The connection is
+            nevertheless accepted if the client does not provide a
             certificate.
           </adm:synopsis>
         </adm:value>
@@ -473,7 +475,7 @@
           <adm:synopsis>
             Clients are required to provide their own certificates
             when performing SSL negotiation and are refused access
-            if the do not provide a certificate.
+            if they do not provide a certificate.
           </adm:synopsis>
         </adm:value>
       </adm:enumeration>
diff --git a/opendj-sdk/opends/src/admin/messages/HTTPConnectionHandlerCfgDefn.properties b/opendj-sdk/opends/src/admin/messages/HTTPConnectionHandlerCfgDefn.properties
index 95acbfd..4ab2f19 100644
--- a/opendj-sdk/opends/src/admin/messages/HTTPConnectionHandlerCfgDefn.properties
+++ b/opendj-sdk/opends/src/admin/messages/HTTPConnectionHandlerCfgDefn.properties
@@ -51,9 +51,9 @@
 property.ssl-cipher-suite.requires-admin-action.synopsis=Changes to this property take effect immediately but will only impact new SSL/TLS-based sessions created after the change.
 property.ssl-client-auth-policy.synopsis=Specifies the policy that the HTTP Connection Handler should use regarding client SSL certificates.
 property.ssl-client-auth-policy.description=This is only applicable if clients are allowed to use SSL.
-property.ssl-client-auth-policy.syntax.enumeration.value.disabled.synopsis=Clients are not required to provide their own certificates when performing SSL negotiation.
-property.ssl-client-auth-policy.syntax.enumeration.value.optional.synopsis=Clients are requested to provide their own certificates when performing SSL negotiation, but still accept the connection even if the client does not provide a certificate.
-property.ssl-client-auth-policy.syntax.enumeration.value.required.synopsis=Clients are required to provide their own certificates when performing SSL negotiation and are refused access if the do not provide a certificate.
+property.ssl-client-auth-policy.syntax.enumeration.value.disabled.synopsis=Clients must not provide their own certificates when performing SSL negotiation.
+property.ssl-client-auth-policy.syntax.enumeration.value.optional.synopsis=Clients are requested to provide their own certificates when performing SSL negotiation. The connection is nevertheless accepted if the client does not provide a certificate.
+property.ssl-client-auth-policy.syntax.enumeration.value.required.synopsis=Clients are required to provide their own certificates when performing SSL negotiation and are refused access if they do not provide a certificate.
 property.ssl-protocol.synopsis=Specifies the names of the SSL protocols that are allowed for use in SSL communication.
 property.ssl-protocol.default-behavior.alias.synopsis=Uses the default set of SSL protocols provided by the server's JVM.
 property.ssl-protocol.requires-admin-action.synopsis=Changes to this property take effect immediately but only impact new SSL/TLS-based sessions created after the change.
diff --git a/opendj-sdk/opends/src/admin/messages/LDAPConnectionHandlerCfgDefn.properties b/opendj-sdk/opends/src/admin/messages/LDAPConnectionHandlerCfgDefn.properties
index ef73700..531894f 100644
--- a/opendj-sdk/opends/src/admin/messages/LDAPConnectionHandlerCfgDefn.properties
+++ b/opendj-sdk/opends/src/admin/messages/LDAPConnectionHandlerCfgDefn.properties
@@ -51,9 +51,9 @@
 property.ssl-cipher-suite.requires-admin-action.synopsis=Changes to this property take effect immediately but will only impact new SSL/TLS-based sessions created after the change.
 property.ssl-client-auth-policy.synopsis=Specifies the policy that the LDAP Connection Handler should use regarding client SSL certificates.
 property.ssl-client-auth-policy.description=This is only applicable if clients are allowed to use SSL.
-property.ssl-client-auth-policy.syntax.enumeration.value.disabled.synopsis=Clients are not required to provide their own certificates when performing SSL negotiation.
-property.ssl-client-auth-policy.syntax.enumeration.value.optional.synopsis=Clients are requested to provide their own certificates when performing SSL negotiation, but still accept the connection even if the client does not provide a certificate.
-property.ssl-client-auth-policy.syntax.enumeration.value.required.synopsis=Clients are required to provide their own certificates when performing SSL negotiation and are refused access if the do not provide a certificate.
+property.ssl-client-auth-policy.syntax.enumeration.value.disabled.synopsis=Clients must not provide their own certificates when performing SSL negotiation.
+property.ssl-client-auth-policy.syntax.enumeration.value.optional.synopsis=Clients are requested to provide their own certificates when performing SSL negotiation. The connection is nevertheless accepted if the client does not provide a certificate.
+property.ssl-client-auth-policy.syntax.enumeration.value.required.synopsis=Clients are required to provide their own certificates when performing SSL negotiation and are refused access if they do not provide a certificate.
 property.ssl-protocol.synopsis=Specifies the names of the SSL protocols that are allowed for use in SSL or StartTLS communication.
 property.ssl-protocol.default-behavior.alias.synopsis=Uses the default set of SSL protocols provided by the server's JVM.
 property.ssl-protocol.requires-admin-action.synopsis=Changes to this property take effect immediately but only impact new SSL/TLS-based sessions created after the change.
diff --git a/opendj-sdk/opends/src/admin/messages/LDAPConnectionHandlerCfgDefn_de.properties b/opendj-sdk/opends/src/admin/messages/LDAPConnectionHandlerCfgDefn_de.properties
index 7785e36..23edebf 100644
--- a/opendj-sdk/opends/src/admin/messages/LDAPConnectionHandlerCfgDefn_de.properties
+++ b/opendj-sdk/opends/src/admin/messages/LDAPConnectionHandlerCfgDefn_de.properties
@@ -50,7 +50,7 @@
 property.ssl-cipher-suite.requires-admin-action.synopsis=\u00c4nderungen an dieser Eigenschaft werden sofort wirksam, betreffen nur neue SSL/TLS-basierte Sitzungen, die nach der \u00c4nderung erstellt wurden.
 property.ssl-client-auth-policy.synopsis=Gibt die Richtlinie an, die der LDAP-Verbindungshandler f\u00fcr die Client-SSL-Zertifikate verwendet.
 property.ssl-client-auth-policy.description=Dies gilt nur, wenn Clients zur Verwendung von SSL zugelassen sind.
-property.ssl-client-auth-policy.syntax.enumeration.value.disabled.synopsis=Clients m\u00fcssen zum Ausf\u00fchren einer SSL-Verhandlung nicht zuvor ihre eigenen Zertifikate angeben.
+property.ssl-client-auth-policy.syntax.enumeration.value.disabled.synopsis=Clients m\u00fcssen zum Ausf\u00fchren einer SSL-Verhandlung keine eigenen Zertifikate angeben.
 property.ssl-client-auth-policy.syntax.enumeration.value.optional.synopsis=Clients werden aufgefordert, ihre eigenen Zertifikate anzugeben, wenn sie eine SSL-Verhandlung ausf\u00fchren, akzeptieren die Verbindung aber auch, wenn der Client kein Zertifikate angibt.
 property.ssl-client-auth-policy.syntax.enumeration.value.required.synopsis=Clients m\u00fcssen beim Ausf\u00fchren einer SSL-Verhandlung ihre eigenen Zertifikate angeben. Der Zugriff wird verweigert, wenn sie kein Zertifikat angeben.
 property.ssl-protocol.synopsis=Gibt die Namen der SSL-Protokolle an, die zur Verwendung in der SSL- oder StartTLS-Kommunikation zugelassen sind.
diff --git a/opendj-sdk/opends/src/admin/messages/LDAPConnectionHandlerCfgDefn_es.properties b/opendj-sdk/opends/src/admin/messages/LDAPConnectionHandlerCfgDefn_es.properties
index f7d50b2..2535718 100644
--- a/opendj-sdk/opends/src/admin/messages/LDAPConnectionHandlerCfgDefn_es.properties
+++ b/opendj-sdk/opends/src/admin/messages/LDAPConnectionHandlerCfgDefn_es.properties
@@ -50,7 +50,6 @@
 property.ssl-cipher-suite.requires-admin-action.synopsis=Los cambios realizados en este atributo de configuraci\u00f3n entran en vigor de forma inmediata, pero solo afectar\u00e1n a las nuevas sesiones basadas en SSL o TLS creadas tras la modificaci\u00f3n.
 property.ssl-client-auth-policy.synopsis=Especifica la pol\u00edtica que debe emplear el controlador de conexi\u00f3n LDAP con respecto a los certificados de cliente SSL.
 property.ssl-client-auth-policy.description=Esto s\u00f3lo se aplica si los clientes est\u00e1n autorizados a utilizar SSL.
-property.ssl-client-auth-policy.syntax.enumeration.value.disabled.synopsis=No es necesario que los clientes proporcionen sus propios certificados al llevar a cabo la negociaci\u00f3n de SSL.
 property.ssl-client-auth-policy.syntax.enumeration.value.optional.synopsis=Se solicita a los clientes que proporcionen sus propios certificados al llevar a cabo la negociaci\u00f3n de SSL, pero la conexi\u00f3n se aceptar\u00e1 igualmente si el cliente no facilita un certificado.
 property.ssl-client-auth-policy.syntax.enumeration.value.required.synopsis=Se solicita a los clientes que proporcionen sus propios certificados al llevar a cabo la negociaci\u00f3n de SSL y, si no lo hacen, se les deniega el acceso.
 property.ssl-protocol.synopsis=Especifica los nombres de los protocolos SSL que se permite utilizar en la comunicaci\u00f3n SSL o StartTLS.
diff --git a/opendj-sdk/opends/src/admin/messages/LDAPConnectionHandlerCfgDefn_fr.properties b/opendj-sdk/opends/src/admin/messages/LDAPConnectionHandlerCfgDefn_fr.properties
index 39cf8d1..42d9361 100644
--- a/opendj-sdk/opends/src/admin/messages/LDAPConnectionHandlerCfgDefn_fr.properties
+++ b/opendj-sdk/opends/src/admin/messages/LDAPConnectionHandlerCfgDefn_fr.properties
@@ -50,7 +50,7 @@
 property.ssl-cipher-suite.requires-admin-action.synopsis=Les modifications apport\u00e9es \u00e0 cette propri\u00e9t\u00e9 sont imm\u00e9diatement prises en compte, mais n'auront un impact que sur les nouvelles sessions SSL/TLS cr\u00e9\u00e9es apr\u00e8s la modification.
 property.ssl-client-auth-policy.synopsis=Sp\u00e9cifie la r\u00e8gle que le gestionnaire de connexion LDAP doit utiliser concernant les certificats SSL des clients.
 property.ssl-client-auth-policy.description=Ceci s'applique uniquement si les clients sont autoris\u00e9s \u00e0 utiliser SSL.
-property.ssl-client-auth-policy.syntax.enumeration.value.disabled.synopsis=Les clients ne sont pas oblig\u00e9s de fournir leurs propres certificats lors des n\u00e9gociations SSL.
+property.ssl-client-auth-policy.syntax.enumeration.value.disabled.synopsis=Les clients ne doivent pas fournir leurs propres certificats lors des n\u00e9gociations SSL.
 property.ssl-client-auth-policy.syntax.enumeration.value.optional.synopsis=On demande aux clients de fournir leurs propres certificats lors des n\u00e9gociations SSL, mais la connexion est accept\u00e9e m\u00eame si le client ne fournit pas de certificat.
 property.ssl-client-auth-policy.syntax.enumeration.value.required.synopsis=Les clients doivent fournir leurs propres certificats lors des n\u00e9gociations SSL et se voient refuser l'acc\u00e8s s'ils ne fournissent pas de certificat.
 property.ssl-protocol.synopsis=Sp\u00e9cifie les noms des protocoles SSL autoris\u00e9s pour une utilisation dans les communications SSL ou StartTLS.
diff --git a/opendj-sdk/opends/src/admin/messages/LDAPConnectionHandlerCfgDefn_ja.properties b/opendj-sdk/opends/src/admin/messages/LDAPConnectionHandlerCfgDefn_ja.properties
index 9adf0e9..88e5be4 100644
--- a/opendj-sdk/opends/src/admin/messages/LDAPConnectionHandlerCfgDefn_ja.properties
+++ b/opendj-sdk/opends/src/admin/messages/LDAPConnectionHandlerCfgDefn_ja.properties
@@ -50,7 +50,6 @@
 property.ssl-cipher-suite.requires-admin-action.synopsis=\u3053\u306e\u5c5e\u6027\u3078\u306e\u5909\u66f4\u306f\u305f\u3060\u3061\u306b\u6709\u52b9\u306b\u306a\u308a\u307e\u3059\u304c\u3001\u5f71\u97ff\u304c\u53ca\u3076\u306e\u306f\u5909\u66f4\u5f8c\u306b\u4f5c\u6210\u3055\u308c\u305f\u65b0\u3057\u3044 SSL/TLS \u30d9\u30fc\u30b9\u306e\u30bb\u30c3\u30b7\u30e7\u30f3\u3060\u3051\u3067\u3059\u3002
 property.ssl-client-auth-policy.synopsis=SSL \u8a3c\u660e\u66f8\u306b\u95a2\u3057\u3066 LDAP \u63a5\u7d9a\u30cf\u30f3\u30c9\u30e9\u304c\u4f7f\u7528\u3059\u308b\u30dd\u30ea\u30b7\u30fc\u3092\u6307\u5b9a\u3057\u307e\u3059\u3002
 property.ssl-client-auth-policy.description=\u3053\u308c\u306f\u30af\u30e9\u30a4\u30a2\u30f3\u30c8\u304c SSL \u306e\u4f7f\u7528\u3092\u8a31\u53ef\u3055\u308c\u3066\u3044\u308b\u5834\u5408\u306b\u306e\u307f\u8a72\u5f53\u3057\u307e\u3059\u3002
-property.ssl-client-auth-policy.syntax.enumeration.value.disabled.synopsis=\u30af\u30e9\u30a4\u30a2\u30f3\u30c8\u306f SSL \u30cd\u30b4\u30b7\u30a8\u30fc\u30b7\u30e7\u30f3\u306e\u5b9f\u884c\u6642\u306b\u305d\u308c\u81ea\u4f53\u306e\u8a3c\u660e\u66f8\u3092\u63d0\u793a\u3059\u308b\u5fc5\u8981\u306f\u3042\u308a\u307e\u305b\u3093\u3002
 property.ssl-client-auth-policy.syntax.enumeration.value.optional.synopsis=\u30af\u30e9\u30a4\u30a2\u30f3\u30c8\u306f SSL \u30cd\u30b4\u30b7\u30a8\u30fc\u30b7\u30e7\u30f3\u306e\u5b9f\u884c\u6642\u306b\u305d\u308c\u81ea\u4f53\u306e\u8a3c\u660e\u66f8\u3092\u63d0\u793a\u3059\u308b\u5fc5\u8981\u304c\u3042\u308a\u307e\u3059\u304c\u3001\u30af\u30e9\u30a4\u30a2\u30f3\u30c8\u304c\u8a3c\u660e\u66f8\u3092\u63d0\u793a\u3057\u306a\u304b\u3063\u305f\u5834\u5408\u3067\u3082\u63a5\u7d9a\u306f\u53d7\u3051\u5165\u308c\u3089\u308c\u307e\u3059\u3002
 property.ssl-client-auth-policy.syntax.enumeration.value.required.synopsis=\u30af\u30e9\u30a4\u30a2\u30f3\u30c8\u306f SSL \u30cd\u30b4\u30b7\u30a8\u30fc\u30b7\u30e7\u30f3\u306e\u5b9f\u884c\u6642\u306b\u305d\u308c\u81ea\u4f53\u306e\u8a3c\u660e\u66f8\u3092\u63d0\u793a\u3059\u308b\u5fc5\u8981\u304c\u3042\u308a\u3001\u8a3c\u660e\u66f8\u3092\u63d0\u793a\u3057\u306a\u304b\u3063\u305f\u5834\u5408\u306f\u30a2\u30af\u30bb\u30b9\u304c\u62d2\u5426\u3055\u308c\u307e\u3059\u3002
 property.ssl-protocol.synopsis=SSL \u307e\u305f\u306f StartTLS \u901a\u4fe1\u3067\u306e\u4f7f\u7528\u304c\u8a31\u53ef\u3055\u308c\u308b SSL \u30d7\u30ed\u30c8\u30b3\u30eb\u306e\u540d\u524d\u3092\u6307\u5b9a\u3057\u307e\u3059\u3002
diff --git a/opendj-sdk/opends/src/admin/messages/LDAPConnectionHandlerCfgDefn_ko.properties b/opendj-sdk/opends/src/admin/messages/LDAPConnectionHandlerCfgDefn_ko.properties
index cbdadac..7aa1df2 100644
--- a/opendj-sdk/opends/src/admin/messages/LDAPConnectionHandlerCfgDefn_ko.properties
+++ b/opendj-sdk/opends/src/admin/messages/LDAPConnectionHandlerCfgDefn_ko.properties
@@ -48,9 +48,9 @@
 property.ssl-cipher-suite.requires-admin-action.synopsis=Changes to this property take effect immediately but will only impact new SSL/TLS-based sessions created after the change.
 property.ssl-client-auth-policy.synopsis=Specifies the policy that the LDAP Connection Handler should use regarding client SSL certificates.
 property.ssl-client-auth-policy.description=This is only applicable if clients are allowed to use SSL.
-property.ssl-client-auth-policy.syntax.enumeration.value.disabled.synopsis=Clients are not required to provide their own certificates when performing SSL negotiation.
-property.ssl-client-auth-policy.syntax.enumeration.value.optional.synopsis=Clients are requested to provide their own certificates when performing SSL negotiation, but still accept the connection even if the client does not provide a certificate.
-property.ssl-client-auth-policy.syntax.enumeration.value.required.synopsis=Clients are required to provide their own certificates when performing SSL negotiation and are refused access if the do not provide a certificate.
+property.ssl-client-auth-policy.syntax.enumeration.value.disabled.synopsis=Clients must not provide their own certificates when performing SSL negotiation.
+property.ssl-client-auth-policy.syntax.enumeration.value.optional.synopsis=Clients are requested to provide their own certificates when performing SSL negotiation. The connection is nevertheless accepted if the client does not provide a certificate.
+property.ssl-client-auth-policy.syntax.enumeration.value.required.synopsis=Clients are required to provide their own certificates when performing SSL negotiation and are refused access if they do not provide a certificate.
 property.ssl-protocol.synopsis=Specifies the names of the SSL protocols that are allowed for use in SSL or StartTLS communication.
 property.ssl-protocol.default-behavior.alias.synopsis=Uses the default set of SSL protocols provided by the server's JVM.
 property.ssl-protocol.requires-admin-action.synopsis=Changes to this property take effect immediately but only impact new SSL/TLS-based sessions created after the change.
diff --git a/opendj-sdk/opends/src/admin/messages/LDAPConnectionHandlerCfgDefn_zh_CN.properties b/opendj-sdk/opends/src/admin/messages/LDAPConnectionHandlerCfgDefn_zh_CN.properties
index 9523f61..f9aeb10 100644
--- a/opendj-sdk/opends/src/admin/messages/LDAPConnectionHandlerCfgDefn_zh_CN.properties
+++ b/opendj-sdk/opends/src/admin/messages/LDAPConnectionHandlerCfgDefn_zh_CN.properties
@@ -50,7 +50,6 @@
 property.ssl-cipher-suite.requires-admin-action.synopsis=\u5bf9\u6b64\u5c5e\u6027\u7684\u66f4\u6539\u4f1a\u7acb\u5373\u751f\u6548\uff0c\u4f46\u4ec5\u5f71\u54cd\u5728\u66f4\u6539\u540e\u521b\u5efa\u7684\u57fa\u4e8e SSL/TLS \u7684\u65b0\u4f1a\u8bdd\u3002
 property.ssl-client-auth-policy.synopsis=\u6307\u5b9a LDAP \u8fde\u63a5\u5904\u7406\u7a0b\u5e8f\u5e94\u5f53\u5bf9\u5ba2\u6237\u7aef SSL \u8bc1\u4e66\u4f7f\u7528\u7684\u7b56\u7565\u3002
 property.ssl-client-auth-policy.description=\u8fd9\u4ec5\u9002\u7528\u4e8e\u5141\u8bb8\u5ba2\u6237\u7aef\u4f7f\u7528 SSL \u7684\u60c5\u51b5\u3002
-property.ssl-client-auth-policy.syntax.enumeration.value.disabled.synopsis=\u6267\u884c SSL \u534f\u5546\u65f6\uff0c\u5ba2\u6237\u7aef\u65e0\u987b\u63d0\u4f9b\u81ea\u5df1\u7684\u8bc1\u4e66\u3002
 property.ssl-client-auth-policy.syntax.enumeration.value.optional.synopsis=\u6267\u884c SSL \u534f\u5546\u65f6\u8981\u6c42\u5ba2\u6237\u7aef\u63d0\u4f9b\u81ea\u5df1\u7684\u8bc1\u4e66\uff0c\u4f46\u5373\u4f7f\u5ba2\u6237\u7aef\u4e0d\u63d0\u4f9b\u8bc1\u4e66\uff0c\u5ba2\u6237\u7aef\u4ecd\u63a5\u53d7\u8fde\u63a5\u3002
 property.ssl-client-auth-policy.syntax.enumeration.value.required.synopsis=\u6267\u884c SSL \u534f\u5546\u65f6\u8981\u6c42\u5ba2\u6237\u7aef\u63d0\u4f9b\u81ea\u5df1\u7684\u8bc1\u4e66\uff0c\u5982\u679c\u5ba2\u6237\u7aef\u4e0d\u63d0\u4f9b\u8bc1\u4e66\uff0c\u5219\u62d2\u7edd\u5176\u8bbf\u95ee\u3002
 property.ssl-protocol.synopsis=\u6307\u5b9a\u5141\u8bb8\u5728 SSL \u6216 StartTLS \u901a\u4fe1\u4e2d\u4f7f\u7528\u7684 SSL \u534f\u8bae\u7684\u540d\u79f0\u3002
diff --git a/opendj-sdk/opends/src/admin/messages/LDAPConnectionHandlerCfgDefn_zh_TW.properties b/opendj-sdk/opends/src/admin/messages/LDAPConnectionHandlerCfgDefn_zh_TW.properties
index cbdadac..7aa1df2 100644
--- a/opendj-sdk/opends/src/admin/messages/LDAPConnectionHandlerCfgDefn_zh_TW.properties
+++ b/opendj-sdk/opends/src/admin/messages/LDAPConnectionHandlerCfgDefn_zh_TW.properties
@@ -48,9 +48,9 @@
 property.ssl-cipher-suite.requires-admin-action.synopsis=Changes to this property take effect immediately but will only impact new SSL/TLS-based sessions created after the change.
 property.ssl-client-auth-policy.synopsis=Specifies the policy that the LDAP Connection Handler should use regarding client SSL certificates.
 property.ssl-client-auth-policy.description=This is only applicable if clients are allowed to use SSL.
-property.ssl-client-auth-policy.syntax.enumeration.value.disabled.synopsis=Clients are not required to provide their own certificates when performing SSL negotiation.
-property.ssl-client-auth-policy.syntax.enumeration.value.optional.synopsis=Clients are requested to provide their own certificates when performing SSL negotiation, but still accept the connection even if the client does not provide a certificate.
-property.ssl-client-auth-policy.syntax.enumeration.value.required.synopsis=Clients are required to provide their own certificates when performing SSL negotiation and are refused access if the do not provide a certificate.
+property.ssl-client-auth-policy.syntax.enumeration.value.disabled.synopsis=Clients must not provide their own certificates when performing SSL negotiation.
+property.ssl-client-auth-policy.syntax.enumeration.value.optional.synopsis=Clients are requested to provide their own certificates when performing SSL negotiation. The connection is nevertheless accepted if the client does not provide a certificate.
+property.ssl-client-auth-policy.syntax.enumeration.value.required.synopsis=Clients are required to provide their own certificates when performing SSL negotiation and are refused access if they do not provide a certificate.
 property.ssl-protocol.synopsis=Specifies the names of the SSL protocols that are allowed for use in SSL or StartTLS communication.
 property.ssl-protocol.default-behavior.alias.synopsis=Uses the default set of SSL protocols provided by the server's JVM.
 property.ssl-protocol.requires-admin-action.synopsis=Changes to this property take effect immediately but only impact new SSL/TLS-based sessions created after the change.

--
Gitblit v1.10.0