diff --git a/src/compat/isync.1 b/src/compat/isync.1 index 527ca6a..fb9900f 100644 --- a/src/compat/isync.1 +++ b/src/compat/isync.1 @@ -259,7 +259,12 @@ established with the IMAP server. (Default: \fIyes\fR) .. .TP \fBCertificateFile\fR \fIpath\fR -File containing X.509 CA certificates used to verify server identities. +File containing additional X.509 certificates used to verify server +identities. Directly matched peer certificates are always trusted, +regardless of validity. +.br +Note that the system's default certificate store is always used +and should not be specified here. .. .TP \fBUseSSLv2\fR \fIyes\fR|\fIno\fR diff --git a/src/compat/isyncrc.sample b/src/compat/isyncrc.sample index 5a6cf10..0bc5d35 100644 --- a/src/compat/isyncrc.sample +++ b/src/compat/isyncrc.sample @@ -3,7 +3,7 @@ # doesn't specify it. # SSL server certificate file -CertificateFile /etc/ssl/certs/ca-certificates.crt +CertificateFile ~/.isync.certs # by default, expunge deleted messages (same as -e on command line) Expunge yes diff --git a/src/mbsyncrc.sample b/src/mbsyncrc.sample index c7d61c7..d82d1b8 100644 --- a/src/mbsyncrc.sample +++ b/src/mbsyncrc.sample @@ -26,7 +26,6 @@ Pass xxxxxxxx # "Account Name" USERNAME # "Password" PASSWORD #PassCmd "/usr/bin/security find-internet-password -w -a USERNAME -s IMAPSERVER ~/Library/Keychains/login.keychain" -CertificateFile /etc/ssl/certs/ca-certificates.crt Channel work Master :work: