Docs: clarify TLS cert name verification

[exim.git] / doc / doc-docbook / spec.xfpt

diff --git a/doc/doc-docbook/spec.xfpt b/doc/doc-docbook/spec.xfpt
index d2d40728b3610abd80effa54112450ebdf660647..b8f6f939d123ef4f0338c841b5c9aca650205684 100644 (file)
--- a/doc/doc-docbook/spec.xfpt
+++ b/doc/doc-docbook/spec.xfpt
@@ -26161,7 +26161,8 @@ This option give a list of hosts for which,
 while verifying the server certificate,
 checks will be included on the host name
 (note that this will generally be the result of a DNS MX lookup)
-versus Subject and Subject-Alternate-Name fields.  Wildcard names are permitted
+versus the Subject-Alternate-Name (or, if none, Subject-Name) fields.
+Wildcard names are permitted,
 limited to being the initial component of a 3-or-more component FQDN.
 
 There is no equivalent checking on client certificates.