Andrew Benton wrote: > On Fri, 14 Oct 2011 21:45:00 -0400 > Jonathan Oksman <[email protected]> wrote: > >> /etc/ssl/certs makes sense to me. I'm an /etc minimalist though and >> don't like having extra content without a really good reason. >> >> /etc/pki could make sense if you wanted your certificate information >> available in a single location independent of ssl specifically, but I >> can't think of any reason for BLFS since there are no other packages >> that directly handle certificates in use, as far as I recall. > > You raise a good point; what program is going to use these > certificates? It seems to me that different programs handle ssl > certificates in different ways.
Programs I can think of right now are browsers, ssh/scp, wget, curl, pop3s, imaps, gnutls, bind, apache, vsftpd, ldap, cups, subversion, and mysql. Many of these will use openssl as the underlying implementation, but they may specify their own location for certificates. I guess we should go ahead and continue to use /etc/ssl/certs and handle other situations as they come up as needed. -- Bruce -- http://linuxfromscratch.org/mailman/listinfo/blfs-dev FAQ: http://www.linuxfromscratch.org/blfs/faq.html Unsubscribe: See the above information page
