Re: Managing pkgsrc openssl certs

To: tech-userlevel%netbsd.org@localhost
Subject: Re: Managing pkgsrc openssl certs
From: Edgar Fuß <ef%math.uni-bonn.de@localhost>
Date: Wed, 18 Feb 2026 11:17:22 +0100

On Mon, Feb 16, 2026 at 05:18:38PM +0100, Edgar Fuß wrote:
> Now we have certctl(8) for base openssl, what's the recommended way of 
> magaging pkgsrc openssl's certs (e.g. /usr/pkg/etc/openssl/certs)?
To elaborate: I can call
	certctl -C /usr/pkg/etc/openssl/certs.conf -c /usr/pkg/etc/openssl/certs -u /usr/pkg/etc/openssl/untrusted
but certctl calls openssl rehash, which may call base openssl or pkgsrc 
openssl depending on the order in PATH. I can call
	PATH=/usr/pkg/bin:.... certctl ...
but that smells like a hack.

Could certctl get an option to specify which openssl to call?

References:
- Managing pkgsrc openssl certs
  - From: Edgar Fuß

Prev by Date: Managing pkgsrc openssl certs
Next by Date: ccgconfig(8) questions
Previous by Thread: Managing pkgsrc openssl certs
Next by Thread: ccgconfig(8) questions
Indexes:

Home | Main Index | Thread Index | Old Index