Emacs: Improve TLS security
1 file changed, 13 insertions(+), 0 deletions(-)
jump to
M tag-emacs/emacs.d/init.org → tag-emacs/emacs.d/init.org
@@ -64,6 +64,19 @@ ** Req-package #+BEGIN_SRC emacs-lisp + (let ((trustfile + (replace-regexp-in-string + "\\\\" "/" + (replace-regexp-in-string + "\n" "" + (shell-command-to-string "python -m certifi"))))) + (setq tls-checktrust t + tls-program + (list + (format "gnutls-cli%s --x509cafile %s -p %%p %%h" + (if (eq window-system 'w32) ".exe" "") trustfile))) + (setq gnutls-verify-error t) + (setq gnutls-trustfiles (list trustfile))) (eval-and-compile (setq package-archives '(("gnu" . "https://elpa.gnu.org/packages/") ("marmalade" . "https://marmalade-repo.org/packages/")