On Mon, Sep 29, 2014 at 4:41 PM, Hisham Muhammad <his...@gobolinux.org>
wrote:

> Hi,
>
> I've been getting lots of "invalid certificate" errors from curl and
> wget lately. The reason is because I didn't have the CA-Certificates
> package in my system.
>
> I installed it (had to build Golang in the process!) but then I had
> some trouble to get curl and wget to find the certificates.
>
> I rebuilt Curl using --with-ca-path to make it point to /usr/lib/ssl,
> and now Curl is happy.
>
> For Wget, it gets the default path from OpenSSL. I noticed then that
> OpenSSL is configured so that "openssldir" points to
> /Programs/OpenSSL/Settings/ssl (it's a configure flag:
> "--openssldir=$settings_target/ssl" ).
>
> I'm thinking of moving that to "/usr/lib/ssl", so that certificates
> installed by the CA-Certificates package are found. (This is closer to
> the default from upstream, /usr/local/ssl — it doesn't seem to be an
> etc-style path.)
>
> I'm sending this message before I upload the recipe because this may
> have consequences with existing installations that installed custom
> certificates at Settings/ssl/certs... you may need to use openssl.cnf
> to make it find them there.
>
> Does anyone have any objection to this change?
>

None from my side.

-- 
Lucas
"If you're looking for a reason I've a reason to give: pleasure, little
treasure"
_______________________________________________
gobolinux-devel mailing list
gobolinux-devel@lists.gobolinux.org
http://lists.gobolinux.org/mailman/listinfo/gobolinux-devel

Reply via email to