From fd9734e7eaac3749a2a0ae3f7e47f34515070866 Mon Sep 17 00:00:00 2001 From: Alan Pearce Date: Fri, 13 Nov 2015 10:02:41 +0100 Subject: Emacs: Improve TLS security --- tag-emacs/emacs.d/init.org | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/tag-emacs/emacs.d/init.org b/tag-emacs/emacs.d/init.org index 2673002..ab2a087 100644 --- a/tag-emacs/emacs.d/init.org +++ b/tag-emacs/emacs.d/init.org @@ -64,6 +64,19 @@ cask update ** Req-package #+BEGIN_SRC emacs-lisp + (let ((trustfile + (replace-regexp-in-string + "\\\\" "/" + (replace-regexp-in-string + "\n" "" + (shell-command-to-string "python -m certifi"))))) + (setq tls-checktrust t + tls-program + (list + (format "gnutls-cli%s --x509cafile %s -p %%p %%h" + (if (eq window-system 'w32) ".exe" "") trustfile))) + (setq gnutls-verify-error t) + (setq gnutls-trustfiles (list trustfile))) (eval-and-compile (setq package-archives '(("gnu" . "https://elpa.gnu.org/packages/") ("marmalade" . "https://marmalade-repo.org/packages/") -- cgit 1.4.1