diff mbox series

docs: indicate http.sslCertType and sslKeyType

Message ID pull.1854.git.1737591366672.gitgitgadget@gmail.com (mailing list archive)
State New
Headers show
Series docs: indicate http.sslCertType and sslKeyType | expand

Commit Message

Andrew Carter Jan. 23, 2025, 12:16 a.m. UTC 
From: Andrew Carter <andrew@emailcarter.com>

These useful config options were added in 0a01d41ee4c but lacked
documentation.

Signed-off-by: Andrew Carter <andrew@emailcarter.com>
---
    document http.sslCertType and sslKeyType

Published-As: https://github.com/gitgitgadget/git/releases/tag/pr-1854%2Fplentydone%2Fcurl-cert-options-v1
Fetch-It-Via: git fetch https://github.com/gitgitgadget/git pr-1854/plentydone/curl-cert-options-v1
Pull-Request: https://github.com/gitgitgadget/git/pull/1854

 Documentation/config/http.txt | 12 ++++++++++++
 1 file changed, 12 insertions(+)


base-commit: 4e746b1a31f9f0036032b6f94279cf16fb363203

Comments

brian m. carlson Jan. 23, 2025, 12:34 a.m. UTC | #1 
On 2025-01-23 at 00:16:06, Andrew Carter via GitGitGadget wrote:
> diff --git a/Documentation/config/http.txt b/Documentation/config/http.txt
> index a14371b5c96..cd39e182527 100644
> --- a/Documentation/config/http.txt
> +++ b/Documentation/config/http.txt
> @@ -216,6 +216,18 @@ http.sslBackend::
>  	This option is ignored if cURL lacks support for choosing the SSL
>  	backend at runtime.
>  
> +http.sslCertType::
> +	Type of client certificate used when fetching or pushing over HTTPS.
> +	(e.g. "PEM", "DER", or "P12"). See also libcurl `CURLOPT_SSLCERTTYPE`
> +	Can be overridden by the `GIT_SSL_CERT_TYPE` environment variable.
> +
> +http.sslKeyType::
> +	Type of client private key used when fetching or pushing over HTTPS.
> +	(e.g. "PEM", "DER", or "ENG"). Particularly useful when set to "ENG"
> +	for authenticating with PKCS#11 tokens. See also libcurl
> +	`CURLOPT_SSLCERTTYPE` . Can be overridden by the `GIT_SSL_KEY_TYPE`
> +	environment variable.

Are there any particular limitations on these values that are platform-
or backend-specific that we should document?  For instance, I seem to
recall that at some point PKCS#12 files were limited to schannel or
Windows, although I could be mistaken.

Do we also have documentation for whatever engine parameter is required
according to the libcurl documentation?
diff mbox series

Patch

diff --git a/Documentation/config/http.txt b/Documentation/config/http.txt
index a14371b5c96..cd39e182527 100644
--- a/Documentation/config/http.txt
+++ b/Documentation/config/http.txt
@@ -216,6 +216,18 @@  http.sslBackend::
 	This option is ignored if cURL lacks support for choosing the SSL
 	backend at runtime.
 
+http.sslCertType::
+	Type of client certificate used when fetching or pushing over HTTPS.
+	(e.g. "PEM", "DER", or "P12"). See also libcurl `CURLOPT_SSLCERTTYPE`
+	Can be overridden by the `GIT_SSL_CERT_TYPE` environment variable.
+
+http.sslKeyType::
+	Type of client private key used when fetching or pushing over HTTPS.
+	(e.g. "PEM", "DER", or "ENG"). Particularly useful when set to "ENG"
+	for authenticating with PKCS#11 tokens. See also libcurl
+	`CURLOPT_SSLCERTTYPE` . Can be overridden by the `GIT_SSL_KEY_TYPE`
+	environment variable.
+
 http.schannelCheckRevoke::
 	Used to enforce or disable certificate revocation checks in cURL
 	when http.sslBackend is set to "schannel". Defaults to `true` if