add document for allowInsecureIfPinnedPeerCertificate

v2fly · Sep 8, 2024 · 73af2f8 · 73af2f8
1 parent 5966c9b
commit 73af2f8
Show file tree

Hide file tree

Showing 2 changed files with 8 additions and 1 deletion.
diff --git a/docs/en_US/v5/config/stream.md b/docs/en_US/v5/config/stream.md
@@ -53,8 +53,11 @@ Pinned Peer Certificate Chain SHA256 Hash. Should be represented in base64 forma
 
 You can generate this value with `./v2ray tls certChainHash --cert <cert.pem>` (v5.18.0+)
 
-> `certificate`: [[CertificateObject](#certificateobject)]
+> `allowInsecureIfPinnedPeerCertificate` : bool
+
+This option allow TLS certificate verification to be turned off if the `pinnedPeerCertificateChainSha256` is set. If `pinnedPeerCertificateChainSha256` is not set, this option is ignored.
 
+> `certificate`: [[CertificateObject](#certificateobject)]
 
 # CertificateObject
 

diff --git a/docs/v5/config/stream.md b/docs/v5/config/stream.md
@@ -59,6 +59,10 @@ security.tls
 
 在连接因为此策略失败时，会展示此证书链散列。不建议使用这种方式获得证书链散列值，因为在这种情况下您没有机会验证此时服务器提供的证书是否为真实证书。
 
+> `allowInsecureIfPinnedPeerCertificate` : bool
+
+此选项将在 `pinnedPeerCertificateChainSha256` 被设置时禁用 TLS 证书验证。如果 `pinnedPeerCertificateChainSha256` 没有被设置，本选项会被忽略。
+
 > `certificate`: \[[CertificateObject](#certificateobject)\]