Add DOCKER_TLS_VERIFY environment variable, equivalent to --tlsverify flag

This makes it possible to make the Docker client "secure by default"
without wrapping the binary in a shell alias so that `--tlsverify` is
always passed.

Signed-off-by: Aanand Prasad <aanand.prasad@gmail.com>
Upstream-commit: 19fb942d3609f647adeda68c6ca106371c7b32ac
Component: engine

components/engine/docs/sources/articles/https.md

@@ -139,16 +139,18 @@ need to provide your client keys, certificates and trusted CA:
 
 If you want to secure your Docker client connections by default, you can move 
 the files to the `.docker` directory in your home directory - and set the
-`DOCKER_HOST` variable as well.
+`DOCKER_HOST` and `DOCKER_TLS_VERIFY` variables as well (instead of passing
+`-H=tcp://:2376` and `--tlsverify` on every call).
 
     $ cp ca.pem ~/.docker/ca.pem
     $ cp cert.pem ~/.docker/cert.pem
     $ cp key.pem ~/.docker/key.pem
     $ export DOCKER_HOST=tcp://:2376
+    $ export DOCKER_TLS_VERIFY=1
 
-Then you can run Docker with the `--tlsverify` option.
+Docker will now connect securely by default:
 
-    $ sudo docker --tlsverify ps
+    $ sudo docker ps
 
 ## Other modes