f90dad3fd12f2d38f0407507297343d692a56a48
galt
  Fri Nov 19 14:42:03 2021 -0800
Adding log setting to httpsCertCheck and making it the new default. This makes it even softer on users, gives us more time to prepare, only logs certs to stderr and only if run as a CGI so that SCRIPT_NAME env var is set. The user does not see anything diffent in behavior and output for log level, but we see cert issues in the log.

diff --git src/product/mirrorManual.txt src/product/mirrorManual.txt
index f8dd4d1..c4394ed 100644
--- src/product/mirrorManual.txt
+++ src/product/mirrorManual.txt
@@ -1332,33 +1332,33 @@
 generally looks like this:
 
     hPrintf("<FORM ACTION=\"%s\" NAME=\"mainForm\" METHOD=%s>\n",
     getScriptName(), cartUsualString(cart, "formMethod", "POST"));
 
 If you add &formMethod=GET and a subsequently fetched form is still
 posting, you might need to alter the "<FORM..." statement to use the
 cartUsualString.
 
 The hg18 hgTracks config page generates a GET URL that is too long for
 FireFox, so after debugging hgTables, you will probably want to add
 &formMethod=POST to an URL (or clear cart, load session etc).
 
 One thing that does not work with GET is "upload file" inputs.
 
-# HTTPS Certificate Check for Verification Settings are: abort warn none
-# currently the default is warn
-httpsCertCheck=warn
+# HTTPS Certificate Check for Verification Settings are: abort warn log none
+# currently the default is log
+httpsCertCheck=log
 # domains to whitelist, skip cert checking, space-separated list
 httpsCertCheckDomainExceptions=somedomain1.com somedomain2.edu
 
 
 # Proxy support
 
 net.c now has support for http(s) proxy servers
 which may be required by some installations
 to get through the firewall to external resources
 such as (but not limited to) for example 
 bigWig or bigBed data via custom track bigDataUrl.
 
 One must add the setting "httpProxy", "httpsProxy", "ftpProxy" to hg.conf
 
     httpProxy=http://someProxyServer:3128