diff options
Diffstat (limited to 'doc/interimap.1.md')
| -rw-r--r-- | doc/interimap.1.md | 14 |
1 files changed, 9 insertions, 5 deletions
diff --git a/doc/interimap.1.md b/doc/interimap.1.md index ab35275..d21424b 100644 --- a/doc/interimap.1.md +++ b/doc/interimap.1.md @@ -420,15 +420,19 @@ Valid options are: *SSL_verify* -: Whether to verify the server certificate chain. +: Whether to verify the server certificate chain, and match its + Subject Alternative Name (SAN) or Subject CommonName (CN) against + the value of the *host* option. + (Default: `YES`.) + Note that using *SSL_fingerprint* to specify the fingerprint of the server certificate provides an independent server authentication - measure as it ignores the CA chain. - (Default: `YES`.) + measure as it pins directly its key material and ignore its chain of + trust. *SSL_CApath* -: Directory to use for server certificate verification if +: Directory to use for server certificate verification when `SSL_verify=YES`. This directory must be in “hash format”, see [`verify`(1ssl)] for more information. @@ -436,7 +440,7 @@ Valid options are: *SSL_CAfile* : File containing trusted certificates to use during server - certificate verification if `SSL_verify=YES`. + certificate verification when `SSL_verify=YES`. Supported extensions {#supported-extensions} ==================== |