[Bug 193871] Certificates in /etc/ssl/certs not considered by pkg and fetch
bugzilla-noreply at freebsd.org
bugzilla-noreply at freebsd.org
Sun Jan 3 20:48:51 UTC 2016
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=193871
--- Comment #3 from John W. O'Brien <john at saltant.com> ---
The fundamental problem is that libfetch always sets the CA cert file
(defaulting to /usr/local/etc/ssl/cert.pem if it exists or to /etc/ssl/cert.pem
otherwise), and openssl will return from X509_STORE_load_location() upon
failure to load the CAfile before trying to register the CApath. I will propose
a patch shortly.
--
You are receiving this mail because:
You are on the CC list for the bug.
More information about the freebsd-security
mailing list