Reorder self-update opts and correct requirements

src/Composer/Command/SelfUpdateCommand.php

@@ -42,8 +42,9 @@ class SelfUpdateCommand extends Command
             ->setDefinition(array(
                 new InputOption('rollback', 'r', InputOption::VALUE_NONE, 'Revert to an older installation of composer'),
                 new InputOption('clean-backups', null, InputOption::VALUE_NONE, 'Delete old backups during an update. This makes the current version of composer the only backup available after the update'),
+                new InputOption('disable-tls', null, InputOption::VALUE_NONE, 'Disable SSL/TLS protection for HTTPS requests'),
+                new InputOption('cafile', null, InputOption::VALUE_REQUIRED, 'The path to a valid CA certificate file for SSL/TLS certificate verification'),
                 new InputArgument('version', InputArgument::OPTIONAL, 'The version to update to'),
-                new InputOption('disable-tls', null, InputArgument::VALUE_NONE, 'Disable SSL/TLS protection for HTTPS requests'),
             ))
             ->setHelp(<<<EOT
 The <info>self-update</info> command checks getcomposer.org for newer
@@ -75,6 +76,9 @@ EOT
             if (!is_null($config->get('cafile'))) {
                 $remoteFilesystemOptions = array('ssl'=>array('cafile'=>$config->get('cafile')));
             }
+            if (!is_null($input->get('cafile'))) {
+                $remoteFilesystemOptions = array('ssl'=>array('cafile'=>$input->get('cafile')));
+            }
             $remoteFilesystem = new RemoteFilesystem($this->getIO(), $remoteFilesystemOptions);
         } catch (TransportException $e) {
             if (preg_match('|cafile|', $e->getMessage())) {