cordon trust
Add the proxy CA certificate to the system trust store so tools accept the proxy’s TLS certificates.
| Option | Default | Description |
|---|
--config, -c | cordon.yaml | Path to config file (to locate the CA cert) |
cordon trust, most tools — curl, Go, Rust, Python, Ruby, C#/.NET — will trust the proxy automatically.
Node.js does not use the system trust store. You must also set NODE_EXTRA_CA_CERTS=./ca-cert.pem.
cordon untrust
Remove the proxy CA certificate from the system trust store.
| Option | Default | Description |
|---|
--config, -c | cordon.yaml | Path to config file |
