projects
/
exim.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Docs: add notes on library version limitations on OCSP stapling. Bug 1664
[exim.git]
/
doc
/
doc-docbook
/
spec.xfpt
diff --git
a/doc/doc-docbook/spec.xfpt
b/doc/doc-docbook/spec.xfpt
index e1eaf3f70e973613a2a165889f000cdd4751d340..69a810c0c5d7a8dfb3de88dde31c27ecdc58632c 100644
(file)
--- a/
doc/doc-docbook/spec.xfpt
+++ b/
doc/doc-docbook/spec.xfpt
@@
-16668,6
+16668,10
@@
must if set expand to the absolute path to a file which contains a current
status proof for the server's certificate, as obtained from the
Certificate Authority.
status proof for the server's certificate, as obtained from the
Certificate Authority.
+.new
+Usable for GnuTLS 3.4.4 or 3.3.17 or OpenSSL 1.1.0 (or later).
+.wen
+
.option tls_on_connect_ports main "string list" unset
.cindex SSMTP
.option tls_on_connect_ports main "string list" unset
.cindex SSMTP
@@
-26754,7
+26758,9
@@
starts retrying to fetch an OCSP proof some time before its current
proof expires. The downside is that it requires server support.
Unless Exim is built with the support disabled,
proof expires. The downside is that it requires server support.
Unless Exim is built with the support disabled,
-or with GnuTLS earlier than version 3.1.3,
+.new
+or with GnuTLS earlier than version 3.3.16 / 3.4.8
+.wen
support for OCSP stapling is included.
There is a global option called &%tls_ocsp_file%&.
support for OCSP stapling is included.
There is a global option called &%tls_ocsp_file%&.