[Pkg-openssl-devel] Bug#805646: Bug#805646: Package using openssl functions does not find default certificates
Kurt Roeckx
kurt at roeckx.be
Tue Sep 13 17:30:05 BST 2022
On Tue, Sep 13, 2022 at 05:23:43PM +0200, Sebastian Andrzej Siewior wrote:
> On 2016-01-04 23:50:10 [+0100], Jan Dittberner wrote:
> > I don't know whether this will have negative side effects but from my point
> > of view it would be nice if the openssl package would do one of the
> > following to properly solve this issue:
> >
> > 1) properly load certificates from /etc/ssl/certs when
> > SSL_CTX_set_default_verify_paths is called
>
> so I guess this works but it does not provide what it should provide,
> right Kurt?
>
> > 2) change the default paths to /etc/ssl/certs and
> > /etc/ssl/certs/ca-certificates.crt instead of /usr/lib/ssl/certs and
> > /usr/lib/ssl/cert.pem
> >
> > 3) provide a symlink from /usr/lib/ssl/cert.pem to
> > /etc/ssl/certs/ca-certificates.crt
>
> Kurt, I tend to provide this symlink. Any objections?
> I'm kind of confused that it works for others, like curl. But I don't
> see anything wrong with what is done in this bug report.
We have a symlink from /usr/lib/ssl/certs to /etc/ssl/certs for ages.
Kurt
More information about the Pkg-openssl-devel
mailing list