Re: Openssl and certificate directory

guix-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Openssl and certificate directory

From:	Ludovic Courtès
Subject:	Re: Openssl and certificate directory
Date:	Sun, 08 Feb 2015 15:22:54 +0100
User-agent:	Gnus/5.13 (Gnus v5.13) Emacs/24.4 (gnu/linux)

Andreas Enge <address@hidden> skribis:

> On Sat, Feb 07, 2015 at 08:57:32PM -0500, Mark H Weaver wrote:
>> Unlike GnuTLS, OpenSSL supports setting the trust store location using
>> environment variables, specifically SSL_CERT_DIR and SSL_CERT_FILE.
>> Shouldn't we just use those?
>
> I had read about these, but the documentation mentions them only in the
> context of c_rehash. So I thought they were not generally applicable. But
> indeed they are, I just tried SSL_CERT_DIR with youtube-dl. Also, it can be
> a ":" separated list of directories. So we should probably encourage its
> usage by defining a search path with our (future) certificate packages.

[...]

> So maybe we do not need it at all? What do you think?

I agree, we should just use SSL_CERT_DIR and SSL_CERT_FILE.

We could indeed add a ‘search-path-specification’ in OpenSSL for
SSL_CERT_DIR.

Thanks,
Ludo’.

[Prev in Thread]

Current Thread

[Next in Thread]

Openssl and certificate directory, Andreas Enge, 2015/02/07
- Re: Openssl and certificate directory, Mark H Weaver, 2015/02/07
  - Re: Openssl and certificate directory, Andreas Enge, 2015/02/08
    - Re: Openssl and certificate directory, Ludovic Courtès <=
    - Re: Openssl and certificate directory, Mark H Weaver, 2015/02/08

Prev by Date: Re: [PATCH] gnu: gnutls: Configure location of system-wide trust store
Next by Date: Re: [PATCH] gnu: Add srt2vtt.
Previous by thread: Re: Openssl and certificate directory
Next by thread: Re: Openssl and certificate directory
Index(es):
- Date
- Thread