Stefan Caunter dixit: >Yes, that's OpenSSL - you need to put the certs in that directory and >make sure they are hashed. The .shar file has done this for you. Make >sure that the SSL_CERT_FILE and SSL_CERT_DIR variables are exported to >your shell.
Actually, OpenSSL needs SSL_CERT_DIR and the hashed files from the .shar file, while GnuTLS needs SSL_CERT_FILE and them concatenated all into one I suggest the following: $ wget http://www.freewrt.org/~tg/debs/dists/hardy/wtf/pkgs/ca-bundle/ca-bundle_20090709_all.deb $ sudo dpkg -i ca-bundle_20090709_all.deb Then set it to /etc/ssl/certs/ca-certificates.crt instead. Lynx is, sadly, linked with inferior GnuTLS on Debian and derivates, which also cannot yet handle X.509v3 subjectAltName extensions on certificates such as the one on www.mirbsd.org ☹ //mirabilos -- “It is inappropriate to require that a time represented as seconds since the Epoch precisely represent the number of seconds between the referenced time and the Epoch.” -- IEEE Std 1003.1b-1993 (POSIX) Section B.2.2.2 _______________________________________________ Lynx-dev mailing list [email protected] http://lists.nongnu.org/mailman/listinfo/lynx-dev
