From: Wouter Wijngaards Date: Fri, 20 Apr 2018 11:50:41 +0000 (+0000) Subject: - man page documentation for dns-over-tls forward-addr '#' notation. X-Git-Tag: release-1.7.1rc1~26 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=7444b3a8bfdfabab3c2c2887d4e480cec70eb6c3;p=thirdparty%2Funbound.git - man page documentation for dns-over-tls forward-addr '#' notation. git-svn-id: file:///svn/unbound/trunk@4638 be551aaa-1e26-0410-a405-d3ace91eadb9 --- diff --git a/doc/Changelog b/doc/Changelog index 2f6e4dcea..e15c01189 100644 --- a/doc/Changelog +++ b/doc/Changelog @@ -1,3 +1,6 @@ +20 April 2018: Wouter + - man page documentation for dns-over-tls forward-addr '#' notation. + 19 April 2018: Wouter - Can set tls authentication with forward-addr: IP#tls.auth.name And put the public cert bundle in tls-cert-bundle: "ca-bundle.pem". diff --git a/doc/unbound.conf.5.in b/doc/unbound.conf.5.in index db52bfdfb..9b3625652 100644 --- a/doc/unbound.conf.5.in +++ b/doc/unbound.conf.5.in @@ -1470,6 +1470,9 @@ Name of server to forward to. Is itself resolved before it is used. .B forward\-addr: \fI IP address of server to forward to. Can be IP 4 or IP 6. To use a nondefault port for DNS communication append '@' with the port number. +If tls is enabled, then you can append a '#' and a name, then it'll check +the tls authentication certificates with that name. If you combine +the '@' and '#', the '@' comes first. .TP .B forward\-first: \fI If enabled, a query is attempted without the forward clause if it fails.