Gitweb:
http://git.exim.org/exim.git/commitdiff/3faae4c075bd1054f3e199051f146d886c8abf0f
Commit: 3faae4c075bd1054f3e199051f146d886c8abf0f
Parent: ce42f3edc33a10554ac769cd0840ce3a1cd939d3
Author: Jeremy Harris <jgh146exb@???>
AuthorDate: Tue May 13 15:38:14 2014 +0100
Committer: Jeremy Harris <jgh146exb@???>
CommitDate: Tue May 13 16:56:57 2014 +0100
Add doc notes on verifying self-signing hosts
---
doc/doc-docbook/spec.xfpt | 5 +++++
1 files changed, 5 insertions(+), 0 deletions(-)
diff --git a/doc/doc-docbook/spec.xfpt b/doc/doc-docbook/spec.xfpt
index e512f2b..03ec898 100644
--- a/doc/doc-docbook/spec.xfpt
+++ b/doc/doc-docbook/spec.xfpt
@@ -23266,6 +23266,11 @@ in clear.
This option gives a list of hosts for which, on encrypted connections,
certificate verification will be tried but need not succeed.
The &%tls_verify_certificates%& option must also be set.
+Note that unless the host is in this list
+TLS connections will be denied to hosts using self-signed certificates
+when &%tls_verify_certificates%& is set.
+The &$tls_out_certificate_verified$& variable is set when
+certificate verification succeeds.
.option tls_verify_certificates smtp string&!! unset
