diff options
| author | Jeremy Harris <jgh146exb@wizmail.org> | 2014-05-13 15:38:14 +0100 |
|---|---|---|
| committer | Jeremy Harris <jgh146exb@wizmail.org> | 2014-05-13 16:56:57 +0100 |
| commit | 3faae4c075bd1054f3e199051f146d886c8abf0f (patch) | |
| tree | 65f8f903c90bf17d371d4894af829b824b0482ec | |
| parent | ce42f3edc33a10554ac769cd0840ce3a1cd939d3 (diff) | |
Add doc notes on verifying self-signing hosts
| -rw-r--r-- | doc/doc-docbook/spec.xfpt | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/doc/doc-docbook/spec.xfpt b/doc/doc-docbook/spec.xfpt index e512f2b4a..03ec8980c 100644 --- a/doc/doc-docbook/spec.xfpt +++ b/doc/doc-docbook/spec.xfpt @@ -23266,6 +23266,11 @@ in clear. This option gives a list of hosts for which, on encrypted connections, certificate verification will be tried but need not succeed. The &%tls_verify_certificates%& option must also be set. +Note that unless the host is in this list +TLS connections will be denied to hosts using self-signed certificates +when &%tls_verify_certificates%& is set. +The &$tls_out_certificate_verified$& variable is set when +certificate verification succeeds. .option tls_verify_certificates smtp string&!! unset |