diff --git a/Documentation/op-guide/configuration.md b/Documentation/op-guide/configuration.md
index d2ff02547..609981bfb 100644
--- a/Documentation/op-guide/configuration.md
+++ b/Documentation/op-guide/configuration.md
@@ -328,6 +328,11 @@ The security flags help to [build a secure etcd cluster][security].
 + default: ""
 + env variable: ETCD_CIPHER_SUITES
 
+### --experimental-peer-skip-client-san-verification 
++ Skip verification of SAN field in client certificate for peer connections.
++ default: false
++ env variable: ETCD_EXPERIMENTAL_PEER_SKIP_CLIENT_SAN_VERIFICATION
+
 ## Logging flags
 
 ### --logger
diff --git a/etcdmain/help.go b/etcdmain/help.go
index c64dab3bc..04c8ec8d1 100644
--- a/etcdmain/help.go
+++ b/etcdmain/help.go
@@ -162,6 +162,8 @@ security flags:
 		path to the peer certificate revocation list file.
 	--cipher-suites ''
 		comma-separated list of supported TLS cipher suites between client/server and peers (empty will be auto-populated by Go).
+	--experimental-peer-skip-client-san-verification 'false'
+		Skip verification of SAN field in client certificate for peer connections.
 
 logging flags