]>
Commit | Line | Data |
---|---|---|
4e312e69 | 1 | .IP "\fB\-\-peer\-ca\-cert=\fIpeer-cacert.pem\fR" |
84ee7bcf BP |
2 | Specifies a PEM file that contains one or more additional certificates |
3 | to send to SSL peers. \fIpeer-cacert.pem\fR should be the CA | |
812560d7 BP |
4 | certificate used to sign \fB\*(PN\fR's own certificate, that is, the |
5 | certificate specified on \fB\-c\fR or \fB\-\-certificate\fR. If | |
6 | \fB\*(PN\fR's certificate is self-signed, then \fB\-\-certificate\fR | |
7 | and \fB\-\-peer\-ca\-cert\fR should specify the same file. | |
84ee7bcf BP |
8 | .IP |
9 | This option is not useful in normal operation, because the SSL peer | |
10 | must already have the CA certificate for the peer to have any | |
812560d7 BP |
11 | confidence in \fB\*(PN\fR's identity. However, this offers a way for |
12 | a new installation to bootstrap the CA certificate on its first SSL | |
13 | connection. |