From 23dc22b78dd0d30e7cbe782138a2fa36a54b0200 Mon Sep 17 00:00:00 2001 From: Wouter Wijngaards Date: Tue, 10 Jul 2018 08:02:32 +0000 Subject: [PATCH] - Note in documentation that the cert name match code needs git-svn-id: file:///svn/unbound/trunk@4777 be551aaa-1e26-0410-a405-d3ace91eadb9 --- doc/Changelog | 4 ++++ doc/unbound.conf.5.in | 1 + 2 files changed, 5 insertions(+) diff --git a/doc/Changelog b/doc/Changelog index c4c1e1864..a1c853897 100644 --- a/doc/Changelog +++ b/doc/Changelog @@ -1,3 +1,7 @@ +10 July 2018: Wouter + - Note in documentation that the cert name match code needs + OpenSSL 1.1.0 or later to be enabled. + 6 July 2018: Wouter - Fix documentation ambiguity for tls-win-cert in tls-upstream and forward-tls-upstream docs. diff --git a/doc/unbound.conf.5.in b/doc/unbound.conf.5.in index c3a4c14c1..4698c38e9 100644 --- a/doc/unbound.conf.5.in +++ b/doc/unbound.conf.5.in @@ -1504,6 +1504,7 @@ the '@' and '#', the '@' comes first. At high verbosity it logs the TLS certificate, with TLS enabled. If you leave out the '#' and auth name from the forward\-addr, any name is accepted. The cert must also match a CA from the tls\-cert\-bundle. +The cert name match code needs OpenSSL 1.1.0 or later to be enabled. .TP .B forward\-first: \fI If enabled, a query is attempted without the forward clause if it fails. -- 2.47.3