MINOR: ssl: Add statement 'verifyhost' to "server" statements
verifyhost allows you to specify a hostname that the remote server's
SSL certificate must match. Connections that don't match will be
closed with an SSL error.
diff --git a/doc/configuration.txt b/doc/configuration.txt
index 4bb2572..37d16cb 100644
--- a/doc/configuration.txt
+++ b/doc/configuration.txt
@@ -8100,6 +8100,16 @@
Supported in default-server: No
+verifyhost <hostname>
+ This setting is only available when support for OpenSSL was built in, and
+ only takes effect if 'verify required' is also specified. When set, the
+ hostnames in the subject and subjectAlternateNames of the certificate
+ provided by the server are checked. If none of the hostnames in the
+ certificate match the specified hostname, the handshake is aborted. The
+ hostnames in the server-provided certificate may include wildcards.
+
+ Supported in default-server: No
+
weight <weight>
The "weight" parameter is used to adjust the server's weight relative to
other servers. All servers will receive a load proportional to their weight