https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=228621
Jeremy Chadwick <[email protected]> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |[email protected] --- Comment #3 from Jeremy Chadwick <[email protected]> --- I haven't seen this error myself and I bet many users haven't as well. My theory is that this is because we happen to have ca_root_nss installed via pkg (a.k.a. security/ca_root_nss in ports). This is a common dependency in many different packages. ca_root_nss package is responsible for creating /usr/local/etc/ssl/cert.pem, which base system OpenSSL (libssl.so.8) reads/honours. You can verify this with truss. pkg info -l ca_root_nss will not show this file in its packaging list because of how ca_root_nss works. Some part of the pkg/port creates a hard link of /usr/local/etc/ssl/cert.pem --> /usr/local/share/certs/ca-root-nss.crt, of which the latter *is* in the package list. The pkg-message says it uses a symlink but this is false; see PR 228550 for details. This is really part of a bigger problem that is the whole "base system" concept, but I don't want to get off-topic. The --no-verify-peer kludge should be acceptable, though I would strongly suggest asking secteam@ first. -- You are receiving this mail because: You are the assignee for the bug. _______________________________________________ [email protected] mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-bugs To unsubscribe, send any mail to "[email protected]"
