- man page documentation for dns-over-tls forward-addr '#' notation.

author Wouter Wijngaards <wouter@nlnetlabs.nl>

Fri, 20 Apr 2018 11:50:41 +0000 (11:50 +0000)

committer Wouter Wijngaards <wouter@nlnetlabs.nl>

Fri, 20 Apr 2018 11:50:41 +0000 (11:50 +0000)
author Wouter Wijngaards <wouter@nlnetlabs.nl>
Fri, 20 Apr 2018 11:50:41 +0000 (11:50 +0000)
committer Wouter Wijngaards <wouter@nlnetlabs.nl>
Fri, 20 Apr 2018 11:50:41 +0000 (11:50 +0000)
diff --git a/doc/Changelog b/doc/Changelog

index 2f6e4dceae181c47e0026a1d23956ca6cb5c7f9f..e15c01189aa1d32c56c69fde1507f5db63fbae7b 100644 (file)
--- a/doc/Changelog
+++ b/doc/Changelog
@@ -1,3 +1,6 @@
+20 April 2018: Wouter
+       - man page documentation for dns-over-tls forward-addr '#' notation.
+
  19 April 2018: Wouter
         - Can set tls authentication with forward-addr: IP#tls.auth.name
           And put the public cert bundle in tls-cert-bundle: "ca-bundle.pem".
diff --git a/doc/unbound.conf.5.in b/doc/unbound.conf.5.in

index db52bfdfbbdf2483b7ee21c744959042e752a990..9b3625652457f11e980fea646adf6e6a33eef250 100644 (file)
--- a/doc/unbound.conf.5.in
+++ b/doc/unbound.conf.5.in
@@ -1470,6 +1470,9 @@ Name of server to forward to. Is itself resolved before it is used.
  .B forward\-addr: \fI<IP address>
  IP address of server to forward to. Can be IP 4 or IP 6.
  To use a nondefault port for DNS communication append '@' with the port number.
+If tls is enabled, then you can append a '#' and a name, then it'll check
+the tls authentication certificates with that name.  If you combine
+the '@' and '#', the '@' comes first.
  .TP
  .B forward\-first: \fI<yes or no>
  If enabled, a query is attempted without the forward clause if it fails.
author	Wouter Wijngaards <wouter@nlnetlabs.nl>
	Fri, 20 Apr 2018 11:50:41 +0000 (11:50 +0000)
committer	Wouter Wijngaards <wouter@nlnetlabs.nl>
	Fri, 20 Apr 2018 11:50:41 +0000 (11:50 +0000)
doc/Changelog		patch \| blob \| blame \| history
doc/unbound.conf.5.in		patch \| blob \| blame \| history