mention the fact that you can append a new CA cert to the existing bundle too

author Daniel Stenberg <daniel@haxx.se>

Tue, 30 Mar 2004 06:46:36 +0000 (06:46 +0000)

committer Daniel Stenberg <daniel@haxx.se>

Tue, 30 Mar 2004 06:46:36 +0000 (06:46 +0000)
author Daniel Stenberg <daniel@haxx.se>
Tue, 30 Mar 2004 06:46:36 +0000 (06:46 +0000)
committer Daniel Stenberg <daniel@haxx.se>
Tue, 30 Mar 2004 06:46:36 +0000 (06:46 +0000)
diff --git a/docs/SSLCERTS b/docs/SSLCERTS

index f9028c4b172b1f4ff6fd5e5184d49d3b14247500..406083f41572beab389b2f885d54c47c9b22ec2f 100644 (file)
--- a/docs/SSLCERTS
+++ b/docs/SSLCERTS
@@ -28,6 +28,12 @@ server, do one of the following:
  
      With the curl command tool: --cacert [file]
  
+ 3. Add the CA cert for your server to the existing default CA cert bundle.
+    The default path of the CA bundle installed with the curl package is:
+    /usr/local/share/curl/curl-ca-bundle.crt, which can be changed by running
+    configure with the --with-ca-bundle option pointing out the path of your
+    choice.
+
  Neglecting to use one of the above menthods when dealing with a server using a
  certficate that isn't signed by one of the certficates in the installed CA
  cert bundle, will cause SSL to report an error ("certificate verify failed")
@@ -40,7 +46,3 @@ connections that previously weren't really secure. It turned out many people
  were using previous versions of curl/libcurl without realizing the need for
  the CA cert options to get truly secure SSL connections.
  
-The default path of the CA bundle installed with the curl package is:
-/usr/local/share/curl/curl-ca-bundle.crt, which can be changed by running
-configure with the --with-ca-bundle option pointing out the path of your
-choice.
author	Daniel Stenberg <daniel@haxx.se>
	Tue, 30 Mar 2004 06:46:36 +0000 (06:46 +0000)
committer	Daniel Stenberg <daniel@haxx.se>
	Tue, 30 Mar 2004 06:46:36 +0000 (06:46 +0000)