On 2014/01/13 20:24, Stuart Henderson wrote: > Any comments on adding this to cert.pem? It is for SPI, non-profit org which > was originally created as a 501c(3) for Debian, this cert is used to sign keys > for alioth.debian.org which affects as it's a site hosting distfiles for > various ports, it's also used to sign certificates for OFTC.net IRC servers.
Another way we could handle this for ports distfiles, is to change ports infrastructure to allow a port to provide its own cafile and pick that up and pass to ftp -S cafile=... (overriding /etc/ssl/cert.pem) if present..