| Message ID | dd5d9b93-1585-4165-8f5d-d9737725071e@emailcarter.com (mailing list archive) |
|---|---|
| State | Superseded |
| Headers | show |
| Series | [v2] docs: indicate http.sslCertType and sslKeyType | expand |
Andrew Carter <andrew@emailcarter.com> writes: > 0a01d41ee4 (http: add support for different sslcert and sslkey types., > 2023-03-20) added useful SSL config options, but did not document them. > > Signed-off-by: Andrew Carter <andrew@emailcarter.com> > --- > Documentation/config/http.txt | 15 +++++++++++++++ > 1 file changed, 15 insertions(+) warning: Patch sent with format=flowed; space at the end of lines might be lost. error: corrupt patch at line 10 hint: Use 'git am --show-current-patch=diff' to see the failed patch hint: When you have resolved this problem, run "git am --continue". hint: If you prefer to skip this patch, run "git am --skip" instead. hint: To restore the original branch and stop patching, run "git am --abort". hint: Disable this message with "git config set advice.mergeConflict false" Applying: docs: indicate http.sslCertType and sslKeyType Patch failed at 0001 docs: indicate http.sslCertType and sslKeyType I thought that the initial iteration I received from you on Jan 23rd was just fine. Did you change some settings with your MUA? The patch is heavily whitespace damaged, with full of . > diff --git a/Documentation/config/http.txt b/Documentation/config/http.txt > index a14371b5c9..38e874307b 100644 > --- a/Documentation/config/http.txt > +++ b/Documentation/config/http.txt > @@ -216,6 +216,21 @@ http.sslBackend:: > This option is ignored if cURL lacks support for choosing the SSL > backend at runtime. > > +http.sslCertType:: > + Type of client certificate used when fetching or pushing over HTTPS. > + "PEM", "DER" are supported when using openssl or gnutls backends. "P12" > + is supported on "openssl", "schannel", "securetransport", and > gnutls 8.11+. > + See also libcurl `CURLOPT_SSLCERTTYPE`. Can be overridden by the > + `GIT_SSL_CERT_TYPE` environment variable. > + > +http.sslKeyType:: > + Type of client private key used when fetching or pushing over > HTTPS. (e.g. > + "PEM", "DER", or "ENG"). Only applicable when using "openssl" > backend. "DER" > + is not supported with openssl. Particularly useful when set to > "ENG" for > + authenticating with PKCS#11 tokens, with a PKCS#11 URL in sslCert > option. > + See also libcurl `CURLOPT_SSLCERTTYPE`. Can be overridden by the > + `GIT_SSL_KEY_TYPE` environment variable. > + > http.schannelCheckRevoke:: > Used to enforce or disable certificate revocation checks in cURL > when http.sslBackend is set to "schannel". Defaults to `true` if
On 1/30/25 4:22 PM, Junio C Hamano wrote: > Andrew Carter <andrew@emailcarter.com> writes: > >> 0a01d41ee4 (http: add support for different sslcert and sslkey types., >> 2023-03-20) added useful SSL config options, but did not document them. >> >> Signed-off-by: Andrew Carter <andrew@emailcarter.com> >> --- >> Documentation/config/http.txt | 15 +++++++++++++++ >> 1 file changed, 15 insertions(+) > warning: Patch sent with format=flowed; space at the end of lines might be lost. > error: corrupt patch at line 10 > hint: Use 'git am --show-current-patch=diff' to see the failed patch > hint: When you have resolved this problem, run "git am --continue". > hint: If you prefer to skip this patch, run "git am --skip" instead. > hint: To restore the original branch and stop patching, run "git am --abort". > hint: Disable this message with "git config set advice.mergeConflict false" > Applying: docs: indicate http.sslCertType and sslKeyType > Patch failed at 0001 docs: indicate http.sslCertType and sslKeyType > > I thought that the initial iteration I received from you on Jan 23rd > was just fine. Did you change some settings with your MUA? The patch > is heavily whitespace damaged, with full of . > > >> diff --git a/Documentation/config/http.txt b/Documentation/config/http.txt >> index a14371b5c9..38e874307b 100644 >> --- a/Documentation/config/http.txt >> +++ b/Documentation/config/http.txt >> @@ -216,6 +216,21 @@ http.sslBackend:: >> This option is ignored if cURL lacks support for choosing the SSL >> backend at runtime. >> >> +http.sslCertType:: >> + Type of client certificate used when fetching or pushing over HTTPS. >> + "PEM", "DER" are supported when using openssl or gnutls backends. "P12" >> + is supported on "openssl", "schannel", "securetransport", and >> gnutls 8.11+. >> + See also libcurl `CURLOPT_SSLCERTTYPE`. Can be overridden by the >> + `GIT_SSL_CERT_TYPE` environment variable. >> + >> +http.sslKeyType:: >> + Type of client private key used when fetching or pushing over >> HTTPS. (e.g. >> + "PEM", "DER", or "ENG"). Only applicable when using "openssl" >> backend. "DER" >> + is not supported with openssl. Particularly useful when set to >> "ENG" for >> + authenticating with PKCS#11 tokens, with a PKCS#11 URL in sslCert >> option. >> + See also libcurl `CURLOPT_SSLCERTTYPE`. Can be overridden by the >> + `GIT_SSL_KEY_TYPE` environment variable. >> + >> http.schannelCheckRevoke:: >> Used to enforce or disable certificate revocation checks in cURL >> when http.sslBackend is set to "schannel". Defaults to `true` if Sorry for the inconvenience, and thanks for your patience. The original message was composed by GitGitGadget. I pasted the v2 patch into Thunderbird initially, which clearly failed. I sent a new v2 patch using git send-email, and at a glance it looks unbroken. If further changes are needed I can get an updated patch to you with a faster turnaround now. -AC
diff --git a/Documentation/config/http.txt b/Documentation/config/http.txt index a14371b5c9..38e874307b 100644 --- a/Documentation/config/http.txt +++ b/Documentation/config/http.txt @@ -216,6 +216,21 @@ http.sslBackend:: This option is ignored if cURL lacks support for choosing the SSL backend at runtime. +http.sslCertType:: + Type of client certificate used when fetching or pushing over HTTPS. + "PEM", "DER" are supported when using openssl or gnutls backends. "P12" + is supported on "openssl", "schannel", "securetransport", and gnutls 8.11+. + See also libcurl `CURLOPT_SSLCERTTYPE`. Can be overridden by the + `GIT_SSL_CERT_TYPE` environment variable. + +http.sslKeyType:: + Type of client private key used when fetching or pushing over HTTPS. (e.g. + "PEM", "DER", or "ENG"). Only applicable when using "openssl" backend. "DER" + is not supported with openssl. Particularly useful when set to "ENG" for + authenticating with PKCS#11 tokens, with a PKCS#11 URL in sslCert option. + See also libcurl `CURLOPT_SSLCERTTYPE`. Can be overridden by the
0a01d41ee4 (http: add support for different sslcert and sslkey types., 2023-03-20) added useful SSL config options, but did not document them. Signed-off-by: Andrew Carter <andrew@emailcarter.com> --- Documentation/config/http.txt | 15 +++++++++++++++ 1 file changed, 15 insertions(+) + `GIT_SSL_KEY_TYPE` environment variable. + http.schannelCheckRevoke:: Used to enforce or disable certificate revocation checks in cURL when http.sslBackend is set to "schannel". Defaults to `true` if