1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
|
<?xml version="1.0" encoding="utf-8"?>
<dl>
<dt><code>--peer-ca-cert=</code><var>peer-cacert.pem</var></dt>
<dd>
<p>
Specifies a PEM file that contains one or more additional certificates
to send to SSL/TLS peers. <var>peer-cacert.pem</var> should be the CA
certificate used to sign the program's own certificate, that is, the
certificate specified on <code>-c</code> or <code>--certificate</code>.
If the program's certificate is self-signed, then
<code>--certificate</code> and <code>--peer-ca-cert</code> should specify
the same file.
</p>
<p>
This option is not useful in normal operation, because the SSL/TLS peer
must already have the CA certificate for the peer to have any
confidence in the program's identity. However, this offers a way for
a new installation to bootstrap the CA certificate on its first SSL/TLS
connection.
</p>
</dd>
</dl>
|
