On Tue, 2017-11-21 at 10:06 -0200, Otavio Salvador wrote: > On Tue, Nov 21, 2017 at 6:04 AM, Patrick Ohly <patrick.o...@intel.com > > wrote: > > On Thu, 2017-02-09 at 21:38 +0200, Jussi Kukkonen wrote: > > There is https://bugzilla.yoctoproject.org/show_bug.cgi?id=9883 > > open > > about some aspect of this, but it doesn't actually address the > > underlying question about what the right behavior should be. It's > > based > > on the assumption that libcurl-native should always use ca- > > certificates-native. > > > > Thoughts anyone? > > I agree it should use ca-certificates-native for all native; it > allows for self-signed internal certificates to be added for internal > development.
But that's not what bitbake itself uses. Are you saying that bitbake fetchers etc. should also use whatever certificates are configured for ca-certificates-native? That leads to a chicken-and-egg problem. A solution where custom certificates need to be configured in two different places (system for bitbake, ca-certificates-native for some other tools) sounds sub-optimal to me. -- Best Regards, Patrick Ohly The content of this message is my personal opinion only and although I am an employee of Intel, the statements I make here in no way represent Intel's position on the issue, nor am I authorized to speak on behalf of Intel on this matter. -- _______________________________________________ Openembedded-core mailing list Openembedded-core@lists.openembedded.org http://lists.openembedded.org/mailman/listinfo/openembedded-core