- Update generated man pages.

diff --git a/doc/Changelog b/doc/Changelog
index fdfefb32a8f98f918e3652d9a254f1d3b8228638..0c7f354623ef41e587253a184e8fba14106226c3 100644 (file)
--- a/doc/Changelog
+++ b/doc/Changelog
@@ -2,6 +2,7 @@
        - Merge #1401: Add a new build-time option for system TLS.
          The --enable-system-tls flag enables the
          tls-use-system-policy-versions setting by default.
+       - Update generated man pages.
 
 6 February 2026: Yorgos
        - Fix #1389: [FR] replacement with ECC-GOST12 according to RFC9558.

diff --git a/doc/unbound.conf.5.in b/doc/unbound.conf.5.in
index 55f86c17f85d2e757015d55a3b6d873371ad94f0..d24872d8edc7ff515e1b5a7575817cc39a00ab8c 100644 (file)
--- a/doc/unbound.conf.5.in
+++ b/doc/unbound.conf.5.in
@@ -1299,13 +1299,16 @@ Default: yes
 .INDENT 0.0
 .TP
 .B tls\-use\-system\-policy\-versions: \fI<yes or no>\fP 
-Enable or disable general\-puspose version\-flexible TLS server configuration
+Enable or disable general\-purpose version\-flexible TLS server configuration
 when serving TLS.
 This will allow the whole list of available TLS versions provided by the
 crypto library, which may have been further restricted by the system\(aqs
 crypto policy.
 .sp
-By default Unbound only uses the latest available TLS version.
+If disabled Unbound only uses the latest available TLS version.
+.sp
+The default depends on a compilation choice, it is set
+at @SYSTEM_TLS_DEFAULT@ .
 .sp
 \fBCAUTION:\fP
 .INDENT 7.0
@@ -1321,7 +1324,7 @@ Changing the value requires a reload.
 .UNINDENT
 .UNINDENT
 .sp
-Default: no
+Default: @SYSTEM_TLS_DEFAULT@
 .UNINDENT
 .INDENT 0.0
 .TP