I was going to suggest just having ssl-authorities-file = default, but
this works too :-)
-David Waite
>
> I did add a new boolean config option at first
> (ssl-system-authorities), but I decided that I did not like it because
> I figured that the default value would need to change depending on
> whether ssl-authorities-file was used or not.
>
> How about the following solution? It will load the system CAs if
> ssl-authorities-file is not used, but not if ssl-authorities-file is
> used. You can get around that by prefixing the filename with a plus
> (+). I think that covers all cases. If you want to disable all CAs,
> you can point ssl-authorities-file to an empty file.
>
> Example 1:
>
> # Add our own CAs to the default ones
> ssl-authorities-file = +/etc/my-CAs.pem
>
> Example 2:
>
> # Only permit our own CAs:
> ssl-authorities-file = /etc/my-CAs.pem
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Mon Jul 21 21:46:36 2003