Commit a0f20f21 authored by Ted Zlatanov's avatar Ted Zlatanov

Document `gnutls-verify-error'.

* emacs-gnutls.texi (Help For Users): Document `gnutls-verify-error'.
parent 30143e3d
2013-12-23 Teodor Zlatanov <tzz@lifelogs.com>
* emacs-gnutls.texi (Help For Users): Document `gnutls-verify-error'.
2013-12-22 Glenn Morris <rgm@gnu.org>
* woman.texi (Navigation): Use itemx where appropriate.
......
......@@ -132,6 +132,24 @@ know if you do, so we can make the change to benefit the other users
of that platform.
@end defvar
@defvar gnutls-verify-error
The @code{gnutls-verify-error} variable allows you to verify SSL/TLS
server certificates for all connections or by host name. It defaults
to @code{nil} for now but will likely be changed to @code{t} later,
meaning that all certificates will be verified.
There are two checks available currently, that the certificate has
been issued by a trusted authority as defined by
@code{gnutls-trustfiles}, and that the hostname matches the
certificate. @code{t} enables both checks, but you can enable them
individually as well with @code{:trustfiles} and @code{:hostname}
instead.
Because of the low-level interactions with the GnuTLS library, there
is no way currently to ask if a certificate can be accepted. You have
to look in the @code{*Messages*} buffer.
@end defvar
@defvar gnutls-min-prime-bits
The @code{gnutls-min-prime-bits} variable is a pretty exotic
customization for cases where you want to refuse handshakes with keys
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment