curl maintainer, I was in contact with my web host to inquire if their installation of curl from the FreeBSD Ports could include the Mozilla CA bundle. I am attempting to use curl to connect to a site using the StartCom SSL CA (http://www.startssl.com/), which is included with the Mozilla bundle, but evidently not with the default CA bundle included with curl. As such, my use of curl meets with errors relating to the fact that it doesn't recognize the CA.
I asked that they include the bundle in their installation, but they said, "That would require us to manually update the installed list on each and every one of our machines after each and every curl update. Curl updates very frequently and we have a lot of machines, so that is simply not feasible." They suggested that I contact the port maintainer and ask if you could alter the port of curl to use the Mozilla CA bundle automatically. Evidently this is quite common with Linux distributions. If this were the case, all of the host's systems would pick up the change automatically. Additionally, my host suggested, "It may be worth mentioning to him/her/it that the Mozilla CA list is already available on FreeBSD in PEM format as security/ca_root_nss, so it may be as simple as adding a port dependency and changing src/lib/ca-bundle.h." Is it possible to include the Mozilla CA bundle with curl? Cheers! -Pete -- Pete Stephenson HeyPete.com
smime.p7s
Description: S/MIME Cryptographic Signature