From: Jeremy Harris Date: Sun, 18 Apr 2021 21:37:10 +0000 (+0100) Subject: Docs: note caching of auto-generated server certificate X-Git-Tag: exim-4.95-RC0~69 X-Git-Url: https://git.exim.org/exim.git/commitdiff_plain/535c964b8a4855448b8cc39ec301831a2b96c3a9 Docs: note caching of auto-generated server certificate --- diff --git a/doc/doc-docbook/spec.xfpt b/doc/doc-docbook/spec.xfpt index 56da191fa..1c7cf8eee 100644 --- a/doc/doc-docbook/spec.xfpt +++ b/doc/doc-docbook/spec.xfpt @@ -18341,8 +18341,12 @@ if the OpenSSL build supports TLS extensions and the TLS client sends the Server Name Indication extension, then this option and others documented in &<>& will be re-expanded. -If this option is unset or empty a fresh self-signed certificate will be -generated for every connection. +If this option is unset or empty a self-signed certificate will be +.new +used. +Under Linux this is generated at daemon startup; on other platforms it will be +generated fresh for every connection. +.wen .option tls_crl main string&!! unset .cindex "TLS" "server certificate revocation list"