X-Recipient: archive-cygwin AT delorie DOT com X-SWARE-Spam-Status: No, hits=-2.0 required=5.0 tests=AWL,BAYES_00,RCVD_NUMERIC_HELO,RP_MATCHES_RCVD,SPF_HELO_PASS X-Spam-Check-By: sourceware.org To: cygwin AT cygwin DOT com From: Oleksandr Gavenko Subject: Re: Suggestion to integrate Mercurial with ca-certificates package. Date: Tue, 27 Dec 2011 14:55:03 +0200 Lines: 23 Message-ID: <84boqumaxk.fsf@bifit.com.ua> References: <84fwg6md5j DOT fsf AT bifit DOT com DOT ua> Mime-Version: 1.0 Content-Type: text/plain User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/24.0.91 (windows-nt) X-IsSubscribed: yes Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm List-Id: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner AT cygwin DOT com Mail-Followup-To: cygwin AT cygwin DOT com Delivered-To: mailing list cygwin AT cygwin DOT com On 2011-12-27, Oleksandr Gavenko wrote: > When you try perform communication through HTTPS you get warning: > > cygwin# hg identify https://bitbucket.org/django/django > warning: bitbucket.org certificate with fingerprint > 81:2b:08:90:dc:d3:71:ee:e0:7c:b4:75:ce:9b:6c:48:94:56:a1:fe not verified > (check hostfingerprints or web.cacerts config setting) Official description of this issue available at: http://mercurial.selenic.com/wiki/CACertificates From there: Mercurial has improved its HTTPS support in the 1.7.x series. When connecting to an HTTPS server, it will now verify the server's certificate correctly and reject the connection if the server identity can't be confirmed - but only if Certification Authorities (CAs) have been configured. As of 1.7.3, Mercurial will warn if CAs haven't been configured. -- Best regards! -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple