diff options
| -rw-r--r-- | NEWS | 2 | ||||
| -rw-r--r-- | fetchmail.man | 25 |
2 files changed, 15 insertions, 12 deletions
@@ -46,6 +46,8 @@ fetchmail 6.3.8 (not yet released): # BUG FIXES: * Fix pluralization of oversized-message warning mails. +* Fix manual page: --sslcheck -> --sslcertck, and do not set trailing + "recommended:" in bold. Debian Bug #413059, reported by Rafal Czlonka. # KNOWN BUGS AND WORKAROUNDS: (this section floats upwards through the NEWS file so it stays with the diff --git a/fetchmail.man b/fetchmail.man index 6cafdaac..b2b0a65f 100644 --- a/fetchmail.man +++ b/fetchmail.man @@ -1062,18 +1062,19 @@ protocol and negotiate TLS via special parameter. The \-\-sslcertck command line or sslcertck run control file option should be used to force strict certificate checking - see below. .PP -.B \-\-sslcheck recommended: -When connecting to an SSL or TLS encrypted server, the server presents a certificate -to the client for validation. The certificate is checked to verify that -the common name in the certificate matches the name of the server being -contacted and that the effective and expiration dates in the certificate -indicate that it is currently valid. If any of these checks fail, a warning -message is printed, but the connection continues. The server certificate -does not need to be signed by any specific Certifying Authority and may -be a "self-signed" certificate. If the \-\-sslcertck command line option -or sslcertck run control file option is used, fetchmail will instead -abort if any of these checks fail. Use of the sslcertck or \-\-sslcertck -option is advised. +.B \-\-sslcertck +recommended: When connecting to an SSL or TLS encrypted server, the +server presents a certificate to the client for validation. The +certificate is checked to verify that the common name in the certificate +matches the name of the server being contacted and that the effective +and expiration dates in the certificate indicate that it is currently +valid. If any of these checks fail, a warning message is printed, but +the connection continues. The server certificate does not need to be +signed by any specific Certifying Authority and may be a "self-signed" +certificate. If the \-\-sslcertck command line option or sslcertck run +control file option is used, fetchmail will instead abort if any of +these checks fail. Use of the sslcertck or \-\-sslcertck option is +advised. .PP Some SSL encrypted servers may request a client side certificate. A client side public SSL certificate and private SSL key may be specified. If |