From d6025c1211a8a83b42d59ecd8b04572a64cc0f3a Mon Sep 17 00:00:00 2001
From: quindecim <49964366+quindecim@users.noreply.github.com>
Date: Sun, 1 Jan 2023 23:44:48 +0100
Subject: [PATCH] Document `cert_ignore_timestamp`

https://github.com/DNSCrypt/dnscrypt-proxy/commit/c883949a97b4eb2d779bee86559eec756aa7138b
---
 config/dnscrypt-proxy.toml | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/config/dnscrypt-proxy.toml b/config/dnscrypt-proxy.toml
index 94fbdb6..3e43025 100644
--- a/config/dnscrypt-proxy.toml
+++ b/config/dnscrypt-proxy.toml
@@ -188,6 +188,13 @@ blocked_query_response = 'refused'
 cert_refresh_delay = 240
 
 
+## Initially don't check DNSCrypt server certificates for expiration, and
+## only start checking them after a first successful connection to a resolver.
+## This can be useful on routers with no battery-backed clock.
+
+# cert_ignore_timestamp = false
+
+
 ## DNSCrypt: Create a new, unique key for every single DNS query
 ## This may improve privacy but can also have a significant impact on CPU usage
 ## Only enable if you don't have a lot of network load