git://git.exim.org
/
users
/
heiko
/
exim.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
|
inline
| side by side (parent:
ce42f3e
)
Add doc notes on verifying self-signing hosts
author
Jeremy Harris
<jgh146exb@wizmail.org>
Tue, 13 May 2014 14:38:14 +0000
(15:38 +0100)
committer
Jeremy Harris
<jgh146exb@wizmail.org>
Tue, 13 May 2014 15:56:57 +0000
(16:56 +0100)
doc/doc-docbook/spec.xfpt
patch
|
blob
|
history
diff --git
a/doc/doc-docbook/spec.xfpt
b/doc/doc-docbook/spec.xfpt
index e512f2b4acc8e8bdbe244290949921e08ebae848..03ec8980c59e5e31ee99813f78a42e4a4f6b807d 100644
(file)
--- a/
doc/doc-docbook/spec.xfpt
+++ b/
doc/doc-docbook/spec.xfpt
@@
-23266,6
+23266,11
@@
in clear.
This option gives a list of hosts for which, on encrypted connections,
certificate verification will be tried but need not succeed.
The &%tls_verify_certificates%& option must also be set.
This option gives a list of hosts for which, on encrypted connections,
certificate verification will be tried but need not succeed.
The &%tls_verify_certificates%& option must also be set.
+Note that unless the host is in this list
+TLS connections will be denied to hosts using self-signed certificates
+when &%tls_verify_certificates%& is set.
+The &$tls_out_certificate_verified$& variable is set when
+certificate verification succeeds.
.option tls_verify_certificates smtp string&!! unset
.option tls_verify_certificates smtp string&!! unset