On Tue, Nov 21, 2017 at 10:21 AM, Patrick Ohly <[email protected]> wrote: > On Tue, 2017-11-21 at 10:06 -0200, Otavio Salvador wrote: >> On Tue, Nov 21, 2017 at 6:04 AM, Patrick Ohly <[email protected] >> > wrote: >> > On Thu, 2017-02-09 at 21:38 +0200, Jussi Kukkonen wrote: >> > There is https://bugzilla.yoctoproject.org/show_bug.cgi?id=9883 >> > open >> > about some aspect of this, but it doesn't actually address the >> > underlying question about what the right behavior should be. It's >> > based >> > on the assumption that libcurl-native should always use ca- >> > certificates-native. >> > >> > Thoughts anyone? >> >> I agree it should use ca-certificates-native for all native; it >> allows for self-signed internal certificates to be added for internal >> development. > > But that's not what bitbake itself uses. Are you saying that bitbake > fetchers etc. should also use whatever certificates are configured for > ca-certificates-native? That leads to a chicken-and-egg problem. > > A solution where custom certificates need to be configured in two > different places (system for bitbake, ca-certificates-native for some > other tools) sounds sub-optimal to me.
I know and we could override it to a place. We ended doing it ourselves: https://github.com/updatehub/meta-updatehub/commit/e9c34faddb6a59d560147798b37ac6a0e3fa57bf but this is not generic. -- Otavio Salvador O.S. Systems http://www.ossystems.com.br http://code.ossystems.com.br Mobile: +55 (53) 9981-7854 Mobile: +1 (347) 903-9750 -- _______________________________________________ Openembedded-core mailing list [email protected] http://lists.openembedded.org/mailman/listinfo/openembedded-core
