--- a/mercurial/hg.py	Wed Dec 22 13:25:00 2010 -0600
+++ b/mercurial/hg.py	Mon Dec 27 17:49:58 2010 +0100
@@ -545,9 +545,12 @@
     if r:
         dst.setconfig('bundle', 'mainreporoot', r)
 
-    # copy auth and http_proxy section settings
+    # copy selected local settings to the remote ui
     for sect in ('auth', 'http_proxy'):
         for key, val in src.configitems(sect):
             dst.setconfig(sect, key, val)
+    v = src.config('web', 'cacerts')
+    if v:
+        dst.setconfig('web', 'cacerts', v)
 
     return dst

--- a/tests/test-https.t	Wed Dec 22 13:25:00 2010 -0600
+++ b/tests/test-https.t	Mon Dec 27 17:49:58 2010 +0100
@@ -126,7 +126,7 @@
   adding bar
   $ cd ..
 
-pull
+pull without cacert
 
   $ cd copy-pull
   $ echo '[hooks]' >> .hg/hgrc
@@ -143,12 +143,28 @@
   (run 'hg update' to get a working copy)
   $ cd ..
 
-cacert
+cacert configured in local repo
 
-  $ hg -R copy-pull pull --config web.cacerts=pub.pem
+  $ cp copy-pull/.hg/hgrc copy-pull/.hg/hgrc.bu
+  $ echo "[web]" >> copy-pull/.hg/hgrc
+  $ echo "cacerts=`pwd`/pub.pem" >> copy-pull/.hg/hgrc
+  $ hg -R copy-pull pull --traceback
   pulling from https://localhost:$HGPORT/
   searching for changes
   no changes found
+  $ mv copy-pull/.hg/hgrc.bu copy-pull/.hg/hgrc
+
+cacert configured globally
+
+  $ echo "[web]" >> $HGRCPATH
+  $ echo "cacerts=`pwd`/pub.pem" >> $HGRCPATH
+  $ hg -R copy-pull pull
+  pulling from https://localhost:$HGPORT/
+  searching for changes
+  no changes found
+
+cacert mismatch
+
   $ hg -R copy-pull pull --config web.cacerts=pub.pem https://127.0.0.1:$HGPORT/
   abort: 127.0.0.1 certificate error: certificate is for localhost
   [255]