From a6cad5fb42c1243f73a3433c6fd91a85d75fc105 Mon Sep 17 00:00:00 2001 From: Simon Josefsson Date: Sun, 4 Jan 2026 21:05:17 +0100 Subject: Fix host-specific Acquire::https CAInfo/CRLFile example (Closes: #1112123) The proper syntax for a host-specific parameters are: Acquire::https::deb.debian.org::CAInfo "/path/to/cert.pem"; Acquire::https::deb.debian.org::CRLFile "/path/to/cert.pem"; --- doc/apt-transport-https.1.xml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/doc/apt-transport-https.1.xml b/doc/apt-transport-https.1.xml index 64d473cac..732320113 100644 --- a/doc/apt-transport-https.1.xml +++ b/doc/apt-transport-https.1.xml @@ -54,7 +54,7 @@ for Acquire::http. This manpage will only document the option ca-certificates package) are used for the verification of the server certificate. An alternative certificate authority (CA) can be configured with the Acquire::https::CAInfo option and its -host-specific option Acquire::https::CAInfo::host. +host-specific option Acquire::https::host::CAInfo. The CAInfo option specifies a file made up of CA certificates (in PEM format) concatenated together to create the chain which APT should use to verify the path from your self-signed root certificate. If the remote server provides the @@ -63,7 +63,7 @@ certificate. Otherwise, the whole chain is required. If you need to support multiple authorities, the only way is to concatenate everything. A custom certificate revocation list (CRL) can be configured with the options Acquire::https::CRLFile and -Acquire::https::CRLFile::host. +Acquire::https::host::CRLFile. As with the previous option, a file in PEM format needs to be specified. -- cgit v1.2.3-70-g09d2