feature: Augment default truststore by default, optionally limit to custom CA certs #2057
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Continuation of PR #1937, considering the changes proposed in that PR.
Description
The change in feature #1863 did not cover the CLI feature of Bruno,
bru
. This feature adds that part and introduces a new command line option tobru
CLI to control the way custom CA certificates are handled: replace or extend the default truststore.The new CLI option is called
--ignore-truststore
and documented in both synopsis and readme.This new option only is in effect, if a custom CA certificate is specified via option
--cacert
.At the same time, this change inverts the default handling of specifying custom CA certificates in the GUI. Previously, the default truststore was replaced completely, if custom CA certificates had been specified. Now specifying custom CA certificates results in augmenting the default truststore: the setting "Keep default truststore" is selected by default.
Contribution Checklist:
Use system CA certificates and/or allow specifying additional CA certificates #1080