aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorAlexander Bluhm <[email protected]>2017-03-25 00:50:16 +0100
committerAlexander Bluhm <[email protected]>2017-03-27 17:09:14 +0200
commit9a78e34a2f5f72377cd109b126f11f9bd7761652 (patch)
tree60cd8585b9eed15449ed184601ad2e1f9b5566af
parent9ba487cbae4bb1f4b47c55c85f7b5219c0cbf182 (diff)
Add documentation that SNI must be FQDN.
server_info parameter of TLS::Client must not be an IP address.
-rw-r--r--doc/manual/tls.rst4
1 files changed, 4 insertions, 0 deletions
diff --git a/doc/manual/tls.rst b/doc/manual/tls.rst
index 19857e3ec..70efb1a67 100644
--- a/doc/manual/tls.rst
+++ b/doc/manual/tls.rst
@@ -302,6 +302,10 @@ TLS Clients
the server select what certificate to use and helps the client
validate the connection.
+ Note that the server name indicator name must be a FQDN. IP
+ addresses are not allowed by RFC 6066 and may lead to interoperability
+ problems.
+
Use the optional *offer_version* to control the version of TLS you
wish the client to offer. Normally, you'll want to offer the most
recent version of (D)TLS that is available, however some broken