Mercurial Mercurial > hg / comparison
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
mercurial/help/config.txt
changeset 29334 ecc9b788fd69
parent 29285 63a3749147af
child 29413 31d3ab7985b8
equal deleted inserted replaced
29333:cdef60d9f442 29334:ecc9b788fd69 
  1022     of the fingerprints specified. This means if the server updates its
 
  1022     of the fingerprints specified. This means if the server updates its
 
  1023     certificate, Mercurial will abort until a new fingerprint is defined.
 
  1023     certificate, Mercurial will abort until a new fingerprint is defined.
 
  1024     This can provide stronger security than traditional CA-based validation
 
  1024     This can provide stronger security than traditional CA-based validation
 
  1025     at the expense of convenience.
 
  1025     at the expense of convenience.
 
  1026 
  1026 
       
  1027     This option takes precedence over ``verifycertsfile``.
 
       
  1028 
       
  1029 ``verifycertsfile``
 
       
  1030     Path to file a containing a list of PEM encoded certificates used to
 
       
  1031     verify the server certificate. Environment variables and ``~user``
 
       
  1032     constructs are expanded in the filename.
 
       
  1033 
       
  1034     The server certificate or the certificate's certificate authority (CA)
 
       
  1035     must match a certificate from this file or certificate verification
 
       
  1036     will fail and connections to the server will be refused.
 
       
  1037 
       
  1038     If defined, only certificates provided by this file will be used:
 
       
  1039     ``web.cacerts`` and any system/default certificates will not be
 
       
  1040     used.
 
       
  1041 
       
  1042     This option has no effect if the per-host ``fingerprints`` option
 
       
  1043     is set.
 
       
  1044 
       
  1045     The format of the file is as follows:
 
       
  1046 
       
  1047         -----BEGIN CERTIFICATE-----
 
       
  1048         ... (certificate in base64 PEM encoding) ...
 
       
  1049         -----END CERTIFICATE-----
 
       
  1050         -----BEGIN CERTIFICATE-----
 
       
  1051         ... (certificate in base64 PEM encoding) ...
 
       
  1052         -----END CERTIFICATE-----
 
       
  1053 
  1027 For example::
 
  1054 For example::
 
  1028 
  1055 
  1029     [hostsecurity]
 
  1056     [hostsecurity]
 
  1030     hg.example.com:fingerprints = sha256:c3ab8ff13720e8ad9047dd39466b3c8974e592c2fa383d4a3960714caef0c4f2
 
  1057     hg.example.com:fingerprints = sha256:c3ab8ff13720e8ad9047dd39466b3c8974e592c2fa383d4a3960714caef0c4f2
 
  1031     hg2.example.com:fingerprints = sha1:914f1aff87249c09b6859b88b1906d30756491ca, sha1:fc:e2:8d:d9:51:cd:cb:c1:4d:18:6b:b7:44:8d:49:72:57:e6:cd:33
 
  1058     hg2.example.com:fingerprints = sha1:914f1aff87249c09b6859b88b1906d30756491ca, sha1:fc:e2:8d:d9:51:cd:cb:c1:4d:18:6b:b7:44:8d:49:72:57:e6:cd:33
 
       
  1059     foo.example.com:verifycertsfile = /etc/ssl/trusted-ca-certs.pem
 
  1032 
  1060 
  1033 ``http_proxy``
 
  1061 ``http_proxy``
 
  1034 --------------
 
  1062 --------------
 
  1035 
  1063 
  1036 Used to access web-based Mercurial repositories through a HTTP
 
  1064 Used to access web-based Mercurial repositories through a HTTP
Mercurial