Mercurial > hg
changeset 12593:01c373762b76 stable
doc: clarify that https cert verification requires web.cacerts
author | Mads Kiilerich <mads@kiilerich.com> |
---|---|
date | Fri, 01 Oct 2010 00:48:50 +0200 |
parents | f2937d6492c5 |
children | bb324910e40a |
files | doc/hgrc.5.txt mercurial/help/urls.txt |
diffstat | 2 files changed, 8 insertions(+), 4 deletions(-) [+] |
line wrap: on
line diff
--- a/doc/hgrc.5.txt Fri Oct 01 00:46:59 2010 +0200 +++ b/doc/hgrc.5.txt Fri Oct 01 00:48:50 2010 +0200 @@ -951,8 +951,9 @@ third-party tools like email notification hooks can construct URLs. Example: ``http://hgserver/repos/``. ``cacerts`` - Path to file containing a list of PEM encoded certificate authorities - that may be used to verify an SSL server's identity. The form must be + Path to file containing a list of PEM encoded certificate authority + certificates. If specified on the client, then it will verify the identity + of remote HTTPS servers with these certificates. The form must be as follows:: -----BEGIN CERTIFICATE----- @@ -962,8 +963,8 @@ ... (certificate in base64 PEM encoding) ... -----END CERTIFICATE----- - This feature is only supported when using Python 2.6. If you wish to - use it with earlier versions of Python, install the backported + This feature is only supported when using Python 2.6 or later. If you wish + to use it with earlier versions of Python, install the backported version of the ssl library that is available from ``http://pypi.python.org``.
--- a/mercurial/help/urls.txt Fri Oct 01 00:46:59 2010 +0200 +++ b/mercurial/help/urls.txt Fri Oct 01 00:48:50 2010 +0200 @@ -18,6 +18,9 @@ possible if the feature is explicitly enabled on the remote Mercurial server. +Note that the security of HTTPS URLs depends on proper configuration of +web.cacerts. + Some notes about using SSH with Mercurial: - SSH requires an accessible shell account on the destination machine