[Pkg-openssl-devel] Bug#805646: Package using openssl functions does not find default certificates
Sebastian Andrzej Siewior
sebastian at breakpoint.cc
Tue Sep 13 16:23:43 BST 2022
On 2016-01-04 23:50:10 [+0100], Jan Dittberner wrote:
> I don't know whether this will have negative side effects but from my point
> of view it would be nice if the openssl package would do one of the
> following to properly solve this issue:
>
> 1) properly load certificates from /etc/ssl/certs when
> SSL_CTX_set_default_verify_paths is called
so I guess this works but it does not provide what it should provide,
right Kurt?
> 2) change the default paths to /etc/ssl/certs and
> /etc/ssl/certs/ca-certificates.crt instead of /usr/lib/ssl/certs and
> /usr/lib/ssl/cert.pem
>
> 3) provide a symlink from /usr/lib/ssl/cert.pem to
> /etc/ssl/certs/ca-certificates.crt
Kurt, I tend to provide this symlink. Any objections?
I'm kind of confused that it works for others, like curl. But I don't
see anything wrong with what is done in this bug report.
> Best regards
> Jan Dittberner
Sebastian
More information about the Pkg-openssl-devel
mailing list