Docs: add notes on lack of multiple-OCSP-proof support

This would be wanted for server OCSP stapling in a dual RSA/ECDSA certificate installation

diff --git a/doc/doc-docbook/spec.xfpt b/doc/doc-docbook/spec.xfpt
index e3ac7f3b930bb2537b5c620d54a66ab98dbbdfda..28584912291eab0f900576709c5518a122d933bd 100644 (file)
--- a/doc/doc-docbook/spec.xfpt
+++ b/doc/doc-docbook/spec.xfpt
@@ -17138,6 +17138,8 @@ separator in the usual way to avoid confusion under IPv6.
 
 &*Note*&: Under current versions of OpenSSL, when a list of more than one
 file is used, the &$tls_in_ourcert$& veriable is unreliable.
+
+&*Note*&: OCSP stapling is not usable when a list of more than one file is used.
 .wen
 
 If the option contains &$tls_out_sni$& and Exim is built against OpenSSL, then
@@ -17279,6 +17281,11 @@ Certificate Authority.
 
 Usable for GnuTLS 3.4.4 or 3.3.17 or OpenSSL 1.1.0 (or later).
 
+.new
+&*Note*&: There is currently no support for multiple OCSP proofs to match the
+multiple certificates facility.
+.wen
+
 
 .option tls_on_connect_ports main "string list" unset
 .cindex SSMTP