diff options
| author | Jeremy Harris <jgh146exb@wizmail.org> | 2021-04-18 22:37:10 +0100 |
|---|---|---|
| committer | Jeremy Harris <jgh146exb@wizmail.org> | 2021-04-18 22:37:10 +0100 |
| commit | 535c964b8a4855448b8cc39ec301831a2b96c3a9 (patch) | |
| tree | f846e6e61e5de294a5facefe35389f6708e04a65 /doc | |
| parent | a1108b5118d32e969c5fe91b2110944f7483a7cb (diff) | |
Docs: note caching of auto-generated server certificate
Diffstat (limited to 'doc')
| -rw-r--r-- | doc/doc-docbook/spec.xfpt | 8 |
1 files changed, 6 insertions, 2 deletions
diff --git a/doc/doc-docbook/spec.xfpt b/doc/doc-docbook/spec.xfpt index 56da191fa..1c7cf8eee 100644 --- a/doc/doc-docbook/spec.xfpt +++ b/doc/doc-docbook/spec.xfpt @@ -18341,8 +18341,12 @@ if the OpenSSL build supports TLS extensions and the TLS client sends the Server Name Indication extension, then this option and others documented in &<<SECTtlssni>>& will be re-expanded. -If this option is unset or empty a fresh self-signed certificate will be -generated for every connection. +If this option is unset or empty a self-signed certificate will be +.new +used. +Under Linux this is generated at daemon startup; on other platforms it will be +generated fresh for every connection. +.wen .option tls_crl main string&!! unset .cindex "TLS" "server certificate revocation list" |