Load port:curl-ca-certificates
the cert will be in ${prefix}/share/curl/curl-ca-bundle.crtOn Dec 11, 2009, at 7:21 PM, Thomas Keller wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > > Hi! > > I'm currently trying to get a python-based cli client running which > bases its ssl implementation on py25-m2crypto. > > The latter package has a load_verify_locations() method in > SSL/Context.py which takes either a single pem / root cert or a > directory of certs. The aforementioned cli client now tries to guess > these verify locations by checking for the existence of either > /etc/ssl/certs or /etc/pki/tls/cert.pem, which of course both do not > exist on OSX. > > What I've found out on the whole root cert topic (I'm pretty new to > this) is that OSX stores the root certs in proprietary binary keychain > file(s) under /System/Library/Keychains, which py25-m2crypto can't > handle. So the question arises how py25-m2crypto could either be made to > accept this keychain format or how this has been handled for other ports > / parts in MacPorts. (I guess internally py25-m2crypto also only uses > openssl somehow and I hope there is already a solution for this.) > > Patching the load_verify_locations() step out of the cli clients code > will work temporarily, until of course I get an openssl prompt which > asks me if I want to accept the (for openssl) unknown, but valid remote > site certificate for which it misses a root cert... > > Any hints? > > Thanks in advance, > Thomas. > > - -- > GPG-Key 0x160D1092 | [email protected] | http://thomaskeller.biz > Please note that according to the EU law on data retention, information > on every electronic information exchange might be retained for a period > of six months or longer: http://www.vorratsdatenspeicherung.de/?lang=en > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.10 (Darwin) > Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ > > iEYEARECAAYFAksi4fgACgkQaf7NlBYNEJLl+QCdGItmij0LQnMgHy/XTqh4ToRS > c28AniDdz+Dq12IRd5As/8e9FlGR94T/ > =cXqj > -----END PGP SIGNATURE----- > _______________________________________________ > macports-dev mailing list > [email protected] > http://lists.macosforge.org/mailman/listinfo.cgi/macports-dev >
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ macports-dev mailing list [email protected] http://lists.macosforge.org/mailman/listinfo.cgi/macports-dev
