diff --git a/daemon/remote.c b/daemon/remote.c
index fa620a47f..9f46df081 100644
--- a/daemon/remote.c
+++ b/daemon/remote.c
@@ -1950,6 +1950,11 @@ parse_delegpt(RES* ssl, char* args, uint8_t* nm, int allow_names)
 				return NULL;
 			}
 		} else {
+#ifndef HAVE_SSL_SET1_HOST
+			if(auth_name)
+			  log_err("no name verification functionality in "
+				"ssl library, ignored name for %s", p->str);
+#endif
 			/* add address */
 			if(!delegpt_add_addr_mlc(dp, &addr, addrlen, 0, 0,
 				auth_name)) {
diff --git a/doc/Changelog b/doc/Changelog
index 67080ae53..367451e7b 100644
--- a/doc/Changelog
+++ b/doc/Changelog
@@ -1,5 +1,7 @@
 17 July 2018: Wouter
 	- Fix #4127 unbound -h does not list -p help.
+	- Print error if SSL name verification configured but not available
+	  in the ssl library.
 
 16 July 2018: Wouter
 	- Fix qname minimisation NXDOMAIN validation lookup failures causing
diff --git a/iterator/iter_fwd.c b/iterator/iter_fwd.c
index a44f54386..96860c002 100644
--- a/iterator/iter_fwd.c
+++ b/iterator/iter_fwd.c
@@ -239,6 +239,11 @@ read_fwds_addr(struct config_stub* s, struct delegpt* dp)
 				s->name, p->str);
 			return 0;
 		}
+#ifndef HAVE_SSL_SET1_HOST
+		if(tls_auth_name)
+			log_err("no name verification functionality in "
+				"ssl library, ignored name for %s", p->str);
+#endif
 		if(!delegpt_add_addr_mlc(dp, &addr, addrlen, 0, 0,
 			tls_auth_name)) {
 			log_err("out of memory");
diff --git a/iterator/iter_hints.c b/iterator/iter_hints.c
index e8d09338e..5a0bc904b 100644
--- a/iterator/iter_hints.c
+++ b/iterator/iter_hints.c
@@ -252,6 +252,11 @@ read_stubs_addr(struct config_stub* s, struct delegpt* dp)
 				s->name, p->str);
 			return 0;
 		}
+#ifndef HAVE_SSL_SET1_HOST
+		if(auth_name)
+			log_err("no name verification functionality in "
+				"ssl library, ignored name for %s", p->str);
+#endif
 		if(!delegpt_add_addr_mlc(dp, &addr, addrlen, 0, 0,
 			auth_name)) {
 			log_err("out of memory");