Re: CA bundle for cadaver/neon

To: Jonathan Perkin <jperkin%mnx.io@localhost>
Subject: Re: CA bundle for cadaver/neon
From: Emmanuel Dreyfus <manu%netbsd.org@localhost>
Date: Thu, 20 Oct 2022 14:29:46 +0000

On Thu, Oct 20, 2022 at 02:51:30PM +0100, Jonathan Perkin wrote:
> SSLCERTBUNDLE is certainly incorrect if using the bundle from pkgsrc, as
> that is definitely named ca-certificates.crt not ca-bundle.crt.
> 
> At this point only www/curl uses that variable though

Then we could change SSLCERTBUNDLE in pkgsrc/security/openssl/builtin.mk
to ${SSLCERTS}/ca-certificates.crt and do this in pkgsrc/www/curl/Makefile

CURL_SSLCERTBUNDLE=${SSLCERTS}/ca-bundle.crt
.if !empty(CURL_SSLCERTBUNDLE)
CONFIGURE_ARGS+=        --with-ca-bundle=${CURL_SSLCERTBUNDLE}
.elif !empty(SSLCERTBUNDLE)
CONFIGURE_ARGS+=        --with-ca-bundle=${SSLCERTBUNDLE}
.else
CONFIGURE_ARGS+=        --with-ca-path=${SSLCERTS}
.endif

That way we would avoid further mistakes and avoid breaking curl.

-- 
Emmanuel Dreyfus
manu%netbsd.org@localhost

Follow-Ups:
- Re: CA bundle for cadaver/neon
  - From: Jonathan Perkin

References:
- CA bundle for cadaver/neon
  - From: Emmanuel Dreyfus
- Re: CA bundle for cadaver/neon
  - From: Jonathan Perkin
- Re: CA bundle for cadaver/neon
  - From: Emmanuel Dreyfus
- Re: CA bundle for cadaver/neon
  - From: Jonathan Perkin

Prev by Date: Re: CA bundle for cadaver/neon
Next by Date: Re: CA bundle for cadaver/neon
Previous by Thread: Re: CA bundle for cadaver/neon
Next by Thread: Re: CA bundle for cadaver/neon
Indexes:

Home | Main Index | Thread Index | Old Index