On Mon, Sep 29, 2014 at 4:41 PM, Hisham Muhammad <his...@gobolinux.org> wrote:
> Hi, > > I've been getting lots of "invalid certificate" errors from curl and > wget lately. The reason is because I didn't have the CA-Certificates > package in my system. > > I installed it (had to build Golang in the process!) but then I had > some trouble to get curl and wget to find the certificates. > > I rebuilt Curl using --with-ca-path to make it point to /usr/lib/ssl, > and now Curl is happy. > > For Wget, it gets the default path from OpenSSL. I noticed then that > OpenSSL is configured so that "openssldir" points to > /Programs/OpenSSL/Settings/ssl (it's a configure flag: > "--openssldir=$settings_target/ssl" ). > > I'm thinking of moving that to "/usr/lib/ssl", so that certificates > installed by the CA-Certificates package are found. (This is closer to > the default from upstream, /usr/local/ssl — it doesn't seem to be an > etc-style path.) > > I'm sending this message before I upload the recipe because this may > have consequences with existing installations that installed custom > certificates at Settings/ssl/certs... you may need to use openssl.cnf > to make it find them there. > > Does anyone have any objection to this change? > None from my side. -- Lucas "If you're looking for a reason I've a reason to give: pleasure, little treasure"
_______________________________________________ gobolinux-devel mailing list gobolinux-devel@lists.gobolinux.org http://lists.gobolinux.org/mailman/listinfo/gobolinux-devel