This is an automated email from the ASF dual-hosted git repository. vy pushed a commit to branch verifyHostName in repository https://gitbox.apache.org/repos/asf/logging-log4j2.git
commit 37b6a696ea0cfb52434d3528d6917a20309216c1 Author: Volkan Yazıcı <[email protected]> AuthorDate: Mon Dec 8 21:23:50 2025 +0100 Update docs --- src/site/antora/modules/ROOT/pages/manual/appenders/network.adoc | 3 +++ 1 file changed, 3 insertions(+) diff --git a/src/site/antora/modules/ROOT/pages/manual/appenders/network.adoc b/src/site/antora/modules/ROOT/pages/manual/appenders/network.adoc index fee161916f..ef11d2dead 100644 --- a/src/site/antora/modules/ROOT/pages/manual/appenders/network.adoc +++ b/src/site/antora/modules/ROOT/pages/manual/appenders/network.adoc @@ -67,6 +67,9 @@ https://docs.oracle.com/javase/8/docs/technotes/guides/security/jsse/JSSERefGuid If `true`, the host name in X509 certificate will be compared to the requested host name. In the case of a mismatch, the connection will fail. +Note that SSL/TLS does not allow IP literals for host name verification – see https://www.rfc-editor.org/rfc/rfc6066.html#section-3[RFC 6066]. +Host name verification will only be effective if the provided host name is not an IP literal and a valid host name per https://www.rfc-editor.org/rfc/rfc1035.html[RFC 1035]. + See also xref:manual/systemproperties.adoc#log4j2.sslVerifyHostName[`log4j2.sslVerifyHostName`]. |===
