all repos — nixfiles @ fd9734e7eaac3749a2a0ae3f7e47f34515070866

System and user configuration, managed by nix and home-manager

Emacs: Improve TLS security
Alan Pearce alan.pearce@spotcap.com
Fri, 13 Nov 2015 10:02:41 +0100
commit

fd9734e7eaac3749a2a0ae3f7e47f34515070866

parent

43d0e86610038d4b73a1675deabe02498b093e17

1 files changed, 13 insertions(+), 0 deletions(-)

jump to
M tag-emacs/emacs.d/init.orgtag-emacs/emacs.d/init.org
@@ -64,6 +64,19 @@ ** Req-package
 
 #+BEGIN_SRC emacs-lisp
+  (let ((trustfile
+         (replace-regexp-in-string
+          "\\\\" "/"
+          (replace-regexp-in-string
+           "\n" ""
+           (shell-command-to-string "python -m certifi")))))
+    (setq tls-checktrust t
+          tls-program
+          (list
+           (format "gnutls-cli%s --x509cafile %s -p %%p %%h"
+                   (if (eq window-system 'w32) ".exe" "") trustfile)))
+    (setq gnutls-verify-error t)
+    (setq gnutls-trustfiles (list trustfile)))
   (eval-and-compile
     (setq package-archives '(("gnu" . "https://elpa.gnu.org/packages/")
                              ("marmalade" . "https://marmalade-repo.org/packages/")