152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
|
<tt>cacert.pem</tt> file. Install it somewhere on your system, then
point Fossil at it like so:
<pre>
fossil set --global ssl-ca-location /path/to/cacert.pem
</pre>
Linux platforms tend to provide such a root cert store along with the
platform OpenSSL package, either built-in or as a hard dependency.
<h4>Client-Side Certificates</h4>
You can also use client side certificates to add an extra layer of
authentication, over and above Fossil's built in user management. If you
are particularly paranoid, you'll want to use this to remove the ability
|
>
>
>
|
>
>
|
>
|
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
|
<tt>cacert.pem</tt> file. Install it somewhere on your system, then
point Fossil at it like so:
<pre>
fossil set --global ssl-ca-location /path/to/cacert.pem
</pre>
This can also happen if you've linked Fossil to a version of OpenSSL
[built from source](#openssl-src). That same `cacert.pem` fix can work
in that case, too.
When you build Fossil on Linux platforms against the binary OpenSSL
package provided with the OS, you typically get a root cert store along
with the platform OpenSSL package, either built-in or as a hard
dependency.
<h4>Client-Side Certificates</h4>
You can also use client side certificates to add an extra layer of
authentication, over and above Fossil's built in user management. If you
are particularly paranoid, you'll want to use this to remove the ability
|