On Tue, 2011-11-01 at 10:25 +0100, Alain Knaff wrote: > syncevolution does have a SSLServerCertificates setting in > .config/syncevolution/default/peers/<peer>/config.ini > > After pointing this to the file for the CA certificate (StartSSL), as > found out by stracing wget, everything works fine: > > SSLServerCertificates = /etc/certs/common-ca/33815e15.0 > > > Pointing it to the CA certificate directory does not work though: > > [INFO] CurlTransport Failure: error setting certificate verify locations: > CAfile: /etc/certs/common-ca/ > CApath: none > > > Maybe syncevolution could check whether the setting points to a file or > to a directory, and set CApath rather than CAfile if it is a directory?
"CURLOPT_CAPATH" - "This option is OpenSSL-specific and does nothing if libcurl is built to use GnuTLS." - how is libcurl built on the N900? I don't mind adding such a feature, I just don't know whether it'll help. > Also, wouldn't "SSLCACertificates" be a more appropriate name (it is > supposed to point to a CA certificate rather than a server certificate, > or does it accept both?) That depends a lot on the underlying transport and/or platform. SyncEvolution just passes that value through. -- Best Regards, Patrick Ohly The content of this message is my personal opinion only and although I am an employee of Intel, the statements I make here in no way represent Intel's position on the issue, nor am I authorized to speak on behalf of Intel on this matter. _______________________________________________ SyncEvolution mailing list SyncEvolution@syncevolution.org http://lists.syncevolution.org/listinfo/syncevolution