On Tue, Sep 13, 2022 at 05:23:43PM +0200, Sebastian Andrzej Siewior wrote: > On 2016-01-04 23:50:10 [+0100], Jan Dittberner wrote: > > I don't know whether this will have negative side effects but from my point > > of view it would be nice if the openssl package would do one of the > > following to properly solve this issue: > > > > 1) properly load certificates from /etc/ssl/certs when > > SSL_CTX_set_default_verify_paths is called > > so I guess this works but it does not provide what it should provide, > right Kurt? > > > 2) change the default paths to /etc/ssl/certs and > > /etc/ssl/certs/ca-certificates.crt instead of /usr/lib/ssl/certs and > > /usr/lib/ssl/cert.pem > > > > 3) provide a symlink from /usr/lib/ssl/cert.pem to > > /etc/ssl/certs/ca-certificates.crt > > Kurt, I tend to provide this symlink. Any objections? > I'm kind of confused that it works for others, like curl. But I don't > see anything wrong with what is done in this bug report.
We have a symlink from /usr/lib/ssl/certs to /etc/ssl/certs for ages. Kurt
