$ gpg --auto-key-locate dane --locate-keys stargrave at stargrave dot org
$ gpg --auto-key-locate wkd --locate-keys stargrave at gnupg dot net
$ gpg --verify cert.pem.asc
-$ SSL_CERT_FILE=cert.pem GIT_SSL_CAINFO=cert.pem redo all
+$ SSL_CERT_FILE=`pwd`/cert.pem GIT_SSL_CAINFO=`pwd`/cert.pem redo all
@end example
@item
(set to an empty string to disable DANE lookups):
@example
-$ ./tofuproxy
-main.go:316: listening: [::1]:8080
+$ ./tofuproxy.cmd
+main.go:316: listening: [::1]:8080 certs: ./certs
@end example
@item Trust your newly generated CA: