aboutsummaryrefslogtreecommitdiffstats
path: root/doc/man1/s_client.pod
diff options
context:
space:
mode:
Diffstat (limited to 'doc/man1/s_client.pod')
-rw-r--r--doc/man1/s_client.pod14
1 files changed, 9 insertions, 5 deletions
diff --git a/doc/man1/s_client.pod b/doc/man1/s_client.pod
index 5414ffa41e..9f6084d53e 100644
--- a/doc/man1/s_client.pod
+++ b/doc/man1/s_client.pod
@@ -159,16 +159,20 @@ Use IPv6 only.
=item B<-servername name>
Set the TLS SNI (Server Name Indication) extension in the ClientHello message to
-the given value.
+the given value. If both this option and the B<-noservername> are not given, the
+TLS SNI extension is still set to the hostname provided to the B<-connect> option,
+or "localhost" if B<-connect> has not been supplied. This is default since OpenSSL
+1.1.1.
+
+Even though SNI name should normally be a DNS name and not an IP address, this
+option will not make the distinction when parsing B<-connect> and will send
+IP address if one passed.
=item B<-noservername>
Suppresses sending of the SNI (Server Name Indication) extension in the
ClientHello message. Cannot be used in conjunction with the B<-servername> or
-<-dane_tlsa_domain> options. If this option is not given then the hostname
-provided to the B<-connect> option is used in the SNI extension, or "localhost"
-if B<-connect> has not been supplied. Note that an SNI name should normally be a
-DNS name and not an IP address.
+<-dane_tlsa_domain> options.
=item B<-cert certname>
generated by cgit v1.2.3 (git 2.39.1) at 2024-05-22 17:59:35 +0000