[Pkg-openssl-devel] Bug#805646: Bug#805646: Bug#805646: Package using openssl functions does not find default certificates

Kurt Roeckx kurt at roeckx.be
Tue Sep 13 17:46:36 BST 2022


On Tue, Sep 13, 2022 at 06:40:19PM +0200, Sebastian Andrzej Siewior wrote:
> On 2022-09-13 18:30:05 [+0200], Kurt Roeckx wrote:
> > > > 3) provide a symlink from /usr/lib/ssl/cert.pem to
> > > >    /etc/ssl/certs/ca-certificates.crt
> > > 
> > > Kurt, I tend to provide this symlink. Any objections?
> > > I'm kind of confused that it works for others, like curl. But I don't
> > > see anything wrong with what is done in this bug report.
> > 
> > We have a symlink from /usr/lib/ssl/certs to /etc/ssl/certs for ages.
> 
> what I see is:
> | openat(AT_FDCWD, "/usr/lib/ssl/openssl.cnf", O_RDONLY) = 3
> | openat(AT_FDCWD, "/usr/lib/ssl/cert.pem", O_RDONLY) = -1 ENOENT (No such file or directory)
> | openat(AT_FDCWD, "/usr/lib/ssl/cert.pem", O_RDONLY) = -1 ENOENT (No such file or directory)
> 
> This is X509_CERT_FILE / X509_get_default_cert_file().
> 
> So it would need a symlink from this non existing file to
> /etc/ssl/certs/ca-certificates.crt which is provided/ created by
> ca-certificates.

That works for me.


Kurt



More information about the Pkg-openssl-devel mailing list