docs: add how to customize CA bundle to use

Guts · Feb 19, 2024 · 9e61809 · 9e61809
1 parent 4dd2e6a
commit 9e61809
Showing 1 changed file with 29 additions and 0 deletions.
diff --git a/docs/guides/howto_behind_proxy.md b/docs/guides/howto_behind_proxy.md
@@ -4,6 +4,8 @@
 Only HTTP and HTTPS proxies are supported. No socks, no PAC.
 :::
 
+> See [Requests official documentation](https://docs.python-requests.org/en/latest/user/advanced/#proxies)
+
 ## Passing as CLI option
 
 - the proxy configuration is scoped to the QDT execution.
@@ -40,3 +42,30 @@ At the shell session scope:
 > $env:QDT_PROXY_HTTP='http://user:password@proxyserver.intra:8765'
 > qdt -vvv
 ```
+
+----
+
+## Defining custom SSL client certificates
+
+Using a proxy for https connections typically requires the local machine to trust the proxy’s root certificate.
+
+> See [Requests official documentation](https://docs.python-requests.org/en/latest/user/advanced/#ca-certificates)
+
+### Using `REQUESTS_CA_BUNDLE` or `CURL_CA_BUNDLE`
+
+Point to a certificat bundle file path (*.pem).
+
+#### Example on Windows PowerShell
+
+Only for the QDT command scope:
+
+```powershell
+$env:REQUESTS_CA_BUNDLE="$env:USERPROFILE\cacerts.pem"; qdt -vvv
+```
+
+At the shell session scope:
+
+```powershell
+> $env:REQUESTS_CA_BUNDLE="$env:USERPROFILE\cacerts.pem"
+> qdt -vvv
+```