On Mon, 03 Nov 2008, Elan Ruusamäe wrote: > hmm, why the certificates bundle is openssl specific? > [EMAIL PROTECTED] pld/SPECS $ rpm -qf /etc/openssl/ca-certificates.crt > ca-certificates-20080809-3.noarch
Because it's replacement for bundle formerly provided by openssl, and only programs linked with openssl use it. > and why openssl-tools is required? > [EMAIL PROTECTED] pld/SPECS $ rpm -qf /etc/openssl > openssl-tools-0.9.7m-1.i686 I don't care for AC. iow your install is b0rken: [EMAIL PROTECTED] ~]$ rpm -qf /etc/openssl openssl-0.9.8i-3.i686 > what's the purpose of /etc/certs then > [EMAIL PROTECTED] pld/SPECS $ rpm -qf /etc/certs > filesystem-2.3-1.i686 Wild guess - for local certificates. > i would store it as /etc/certs/ca-bundle.crt and let the package depend on > filesystem only. i can't find any pkg right now using ssl ca certs in .crt > format and not linked with openssl, but openssl-tools definately isn't > neccessary. openssl-tools is your problem, not distro. And you'll have to tell openssl of that change. I don't really care where this file is, but please keep the ca-certificates.crt name. > also, should we also let nss build from ca-certificates it's source? (so we > have one centric source for certificates) Good luck. Personally I will just wait for when nss won't be a piece of crap and starts supporting CA bundles. Janek -- Jan Rekorajski | ALL SUSPECTS ARE GUILTY. PERIOD! baggins<at>mimuw.edu.pl | OTHERWISE THEY WOULDN'T BE SUSPECTS, WOULD THEY? BOFH, MANIAC | -- TROOPS by Kevin Rubio _______________________________________________ pld-devel-en mailing list [email protected] http://lists.pld-linux.org/mailman/listinfo/pld-devel-en
