doc: add new imrelp parameter

1 files changed, 17 insertions, 0 deletions

diff --git a/doc/omrelp.html b/doc/omrelp.html
index a44ec319..d01a1add 100644
--- a/doc/omrelp.html
+++ b/doc/omrelp.html
@@ -42,6 +42,23 @@ must be used.
 	increases CPU use, the network bandwidth should be reduced. Note that
 	typical text-based log records usually compress rather well.
 	</li>
+	<li><b>tls.permittedPeer</b> peer</br>
+	Places access restrictions on this listener. Only peers which
+	have been listed in this parameter may connect. The validation
+	bases on the cerficate the remote peer presents.<br>
+	The <i>peer</i> parameter lists permitted certificate
+	fingerprints. Note that it is an array parameter, so either
+	a single or multiple fingerprints can be listed. When a
+	non-permitted peer connects, the refusal is logged together
+	with it's fingerprint. So it the administrator knows this was
+	a valid request, he can simple add the fingerprint by copy and
+	past from the logfile to rsyslog.conf.
+	<br>To specify multiple fingerprints, just enclose them
+	in braces like this:
+	<br>tls.permittedPeer=["SHA1:...1", "SHA1:....2"]
+	<br>To specify just a single peer, you can either
+	specify the string directly or enclose it in braces.
+	</li>
 	<li><b>tls.prioritystring</b> (not mandatory, string)<br>
 	This parameter permits to specify the so-called "priority string" to
 	GnuTLS. This string gives complete control over all crypto parameters,