--peer-ca-cert=
peer-cacert.pem
Specifies a PEM file that contains one or more additional certificates
to send to SSL peers. peer-cacert.pem should be the CA
certificate used to sign the program's own certificate, that is, the
certificate specified on -c
or --certificate
.
If the program's certificate is self-signed, then
--certificate
and --peer-ca-cert
should specify
the same file.
This option is not useful in normal operation, because the SSL peer must already have the CA certificate for the peer to have any confidence in the program's identity. However, this offers a way for a new installation to bootstrap the CA certificate on its first SSL connection.