Cannot pull/push to https server with self-signed certificate
timeless
timeless at gmail.com
Sun Jan 9 13:30:49 CST 2011
On Sun, Jan 9, 2011 at 9:09 PM, Yuya Nishihara <yuya at tcha.org> wrote:
>> On Sun, Jan 9, 2011 at 8:11 PM, Yuya Nishihara <yuya at tcha.org> wrote:
>> > If you have a list of trusted hosts, and have certificates,
>> > you can use them in place of global root cacerts, maybe.
>>
>> global root management is a disaster.
>
> Oops, I tried to mean if we have something like the following hgrc:
>
> [auth]
> foo.prefix = foo.example.org
> foo.cacerts = path/to/cert.pem or inline certificate data
>
> we can just use foo.cacerts instead of web.cacerts when connecting to
> foo.example.org, instead of "disable any validation (cacerts=None)".
>
> Or I completely misread the story?
no, my fault, i misread 'in place of global root cacerts'. thanks for clarifying
More information about the Mercurial-devel
mailing list