status-im
/
consul
mirror of https://github.com/status-im/consul.git
2
0
Fork 0
Code Issues Projects Releases Wiki Activity

Merge pull request #2201 from jhmartin/patch-3 

Escape verify_server_hostname angle-brackets
This commit is contained in:
James Phillips 2016-07-20 16:08:20 -07:00 committed by GitHub
parent 49424aefa0 a1b38ececb
commit fce7d75609
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
website/source/docs/agent/options.html.markdown
View File

@ -782,7 +782,7 @@ Consul will not enable TLS for the HTTP API unless the `https` port has been ass
* <a name="verify_server_hostname"></a><a href="#verify_server_hostname">`verify_server_hostname`</a> - If set to
true, Consul verifies for all outgoing connections that the TLS certificate presented by the servers
matches "server.<datacenter>.<domain>" hostname. This implies `verify_outgoing`.
matches "server.&lt;datacenter&gt;.&lt;domain&gt;" hostname. This implies `verify_outgoing`.
By default, this is false, and Consul does not verify the hostname of the certificate, only
that it is signed by a trusted CA. This setting is important to prevent a compromised
client from being restarted as a server, and thus being able to perform a MITM attack