On Mon, Sep 29, 2014 at 6:05 PM, Hisham Muhammad <his...@gobolinux.org> wrote:
> On 29 September 2014 17:26, Lucas C. Villa Real <luca...@gobolinux.org> > wrote: > > On Mon, Sep 29, 2014 at 4:41 PM, Hisham Muhammad <his...@gobolinux.org> > > wrote: > >> > >> Hi, > >> > >> I've been getting lots of "invalid certificate" errors from curl and > >> wget lately. The reason is because I didn't have the CA-Certificates > >> package in my system. > >> > >> I installed it (had to build Golang in the process!) but then I had > >> some trouble to get curl and wget to find the certificates. > >> > >> I rebuilt Curl using --with-ca-path to make it point to /usr/lib/ssl, > >> and now Curl is happy. > >> > >> For Wget, it gets the default path from OpenSSL. I noticed then that > >> OpenSSL is configured so that "openssldir" points to > >> /Programs/OpenSSL/Settings/ssl (it's a configure flag: > >> "--openssldir=$settings_target/ssl" ). > >> > >> I'm thinking of moving that to "/usr/lib/ssl", so that certificates > >> installed by the CA-Certificates package are found. (This is closer to > >> the default from upstream, /usr/local/ssl — it doesn't seem to be an > >> etc-style path.) > >> > >> I'm sending this message before I upload the recipe because this may > >> have consequences with existing installations that installed custom > >> certificates at Settings/ssl/certs... you may need to use openssl.cnf > >> to make it find them there. > >> > >> Does anyone have any objection to this change? > > > > > > None from my side. > > > All right then, uploading recipes. With the latest CA-Certificates, > OpenSSL, Curl and Wget one should get rid of any certificate > complaints. (Perhaps this will make even Git happy too. I've been > using `export GIT_SSL_NO_VERIFY=true` to get stuff from github...) > > Hopefully. That workaround for git has even been introduced on Compile a while ago.. Lucas
_______________________________________________ gobolinux-devel mailing list gobolinux-devel@lists.gobolinux.org http://lists.gobolinux.org/mailman/listinfo/gobolinux-devel
