Hi Adam, Can you make the TLS call work with a command line tool like openssl? I'm not 100% sure but I think that Chrome might use a different set of trusted certs (based on the Mozilla ones) [1].
~ [1] https://www.chromium.org/Home/chromium-security/root-ca-policy On 18 February 2016 at 13:53, Adam Russell <adam...@gmail.com> wrote: > Hello Nix-Dev, > > I'm trying to understand how to install CA certificates in NixOS. > > If I visit my work's webmail in Chromium, I get an indicator that my > connection is not private. Clicking the padlock icon in the address bar, > then the "Certificate information" link in the Connection tab, going to the > "Details" tab, and clicking "Export" allows me to download a certificate. > > The text in this export is what I am supposed to put in the array in > `security.pki.certificates` option of `/etc/nixos/configuration.nix`, > correct? Am I missing something? > > The documentation I am using is at: > https://github.com/NixOS/nixpkgs/blob/6e6a96d42cf56cfcd042bbeab89e37f442f0cfcc/nixos/modules/security/ca.nix#L39-L45 > > Does the text above the equal signs have any significance ("NixOS.org" in > the example), or is it just a comment? > > Thanks, > -Adam > > _______________________________________________ > nix-dev mailing list > nix-dev@lists.science.uu.nl > http://lists.science.uu.nl/mailman/listinfo/nix-dev > >
_______________________________________________ nix-dev mailing list nix-dev@lists.science.uu.nl http://lists.science.uu.nl/mailman/listinfo/nix-dev