diff --git a/ChangeLog b/ChangeLog
--- a/ChangeLog
+++ b/ChangeLog
@@ -0,0 +1,3 @@
+v0.1.0.1
+
+	* Documentation updates.
diff --git a/HsOpenSSL-x509-system.cabal b/HsOpenSSL-x509-system.cabal
--- a/HsOpenSSL-x509-system.cabal
+++ b/HsOpenSSL-x509-system.cabal
@@ -1,5 +1,5 @@
 name:                HsOpenSSL-x509-system
-version:             0.1.0.0
+version:             0.1.0.1
 synopsis:            Use the system's native CA certificate store with HsOpenSSL
 description:
   A cross-platform library that tries to find a (reasonable) CA certificate
diff --git a/OpenSSL/X509/SystemStore.hs b/OpenSSL/X509/SystemStore.hs
--- a/OpenSSL/X509/SystemStore.hs
+++ b/OpenSSL/X509/SystemStore.hs
@@ -15,8 +15,9 @@
 
 -- | Add the certificates from the system-wide certificate store to the
 -- given @openssl@ context. Note that this does not automatically enable
--- peer certificate verification. You need to also call
--- 'OpenSSL.Session.contextSetVerificationMode' for that.
+-- peer certificate verification. You also need to call
+-- 'OpenSSL.Session.contextSetVerificationMode' and check manually if the
+-- hostname matches with the one specified in the certificate.
 contextLoadSystemCerts :: SSLContext -> IO () 
 contextLoadSystemCerts = S.contextLoadSystemCerts
 {-# INLINE contextLoadSystemCerts #-}
