cordon trust
Add the proxy CA certificate to the system trust store so tools accept the proxy’s TLS certificates.
| Option | Default | Description |
|---|
--config, -c | cordon.toml | Path to config file (to locate the CA cert) |
cordon trust, most tools — curl, Go, Rust, Python, Ruby, C#/.NET — will trust the proxy automatically.
Node.js does not use the system trust store. You must also set NODE_EXTRA_CA_CERTS to the absolute path of your CA certificate (found in cordon.toml under tls.ca_cert_path).
cordon untrust
Remove the proxy CA certificate from the system trust store.
| Option | Default | Description |
|---|
--config, -c | cordon.toml | Path to config file |
