https://bugzilla.novell.com/show_bug.cgi?id=852713 https://bugzilla.novell.com/show_bug.cgi?id=852713#c6 Ludwig Nussel <lnussel@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEEDINFO |ASSIGNED InfoProvider|lnussel@suse.com | --- Comment #6 from Ludwig Nussel <lnussel@suse.com> 2013-12-09 09:04:24 CET --- (In reply to comment #4)
So, apparently there's been a change in openSSL recently, which deprecated the /etc/ssl/certs:
------------------------------------------------------------------- Tue Jul 2 09:02:59 UTC 2013 - lnussel@suse.de
- Don't use the legacy /etc/ssl/certs directory anymore but rather the p11-kit generated /var/lib/ca-certificates/openssl one (fate#314991, openssl-1.0.1e-truststore.diff)
Ludwig, Apparently the /etc/ssl/certs and the /var/lib/ca-certificates/openssl differ, (eg. on my machine the SUSE CA is only in /etc/ssl/certs) Is this expected?
No. You need to put custom certificates in /etc/pki/trust/anchors resp /usr/share/pki/trust/anchors/, then run update-ca-certificates.
Should the user add it by hand? Or in this case specify using /etc/ssl/certs?
Calling SSL_CTX_set_default_verify_paths() does the right thing. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.