aboutsummaryrefslogtreecommitdiffstats
path: root/README.SSL
diff options
context:
space:
mode:
authorMatthias Andree <matthias.andree@gmx.de>2021-11-21 00:13:12 +0100
committerMatthias Andree <matthias.andree@gmx.de>2021-11-21 00:43:42 +0100
commit4ccbbe06175d6dd15d4409d39dd83ed7b73671c9 (patch)
tree5d86c36e2486d36d99673bd93539c27683811371 /README.SSL
parent3a9ab6af45b2520f5f88fdd37c53870a6231d04f (diff)
downloadfetchmail-4ccbbe06175d6dd15d4409d39dd83ed7b73671c9.tar.gz
fetchmail-4ccbbe06175d6dd15d4409d39dd83ed7b73671c9.tar.bz2
fetchmail-4ccbbe06175d6dd15d4409d39dd83ed7b73671c9.zip
Update SSL configure instructions and license info.
Diffstat (limited to 'README.SSL')
-rw-r--r--README.SSL10
1 files changed, 5 insertions, 5 deletions
diff --git a/README.SSL b/README.SSL
index 63620b55..f5eca24f 100644
--- a/README.SSL
+++ b/README.SSL
@@ -22,8 +22,8 @@ below and in the manual).
fetchmail 6.4.0 will auto-negotiate TLSv1 or newer only.
Fetchmail 6.4.25 supports OpenSSL 3.0 and 1.1.1 and WolfSSL 5.0.
-
-The configure options --with-wolfssl takes precedence over --with-ssl.
+Note that WolfSSL 5.0 is a bit less flexible about its trust store,
+see INSTALL chapter 2.1 for details.
-- Matthias Andree, 2021-11-20
@@ -46,7 +46,7 @@ since fetchmail v6.4.0, but since fetchmail 6.3 releases will be in circulation
for too long, (--)sslcertck will remain in the examples below for now.
For use of SSL or TLS on a separate port (recommended), called Implicit TLS,
-the whole TCP connection is SSL-encrypted from the very beginning (SSL- or
+the whole TCP connection is SSL-encrypted from the very beginning (SSL- or
TLS-wrapped), use these command line options (in the rcfile,
omit all leading "--"):
@@ -57,8 +57,8 @@ or these options in the rcfile (after the respective "user"... options)
ssl sslproto tls1.2+ sslcertck
-For use of SSL or TLS with in-band negotiation on the regular service's port,
-i. e. with STLS or STARTTLS, use these command line options (omitting --ssl or
+For use of SSL or TLS with in-band negotiation on the regular service's port,
+i. e. with STLS or STARTTLS, use these command line options (omitting --ssl or
ssl):
--sslproto tls1.2+ --sslcertck