25 Oct
2018
25 Oct
'18
17:15
On 10/25/18 6:15 PM, Cristian Rodríguez wrote:
Something must hard require ca-certificates for the package manager to be functional by default, It is libcrypto that ends *using* the package, but any application that calls SSL_CTX_set_default_verify_paths will need it.
I also noticed a change with that: Basically it broke my Python scripts using libldap setting a separate trusted CA cert via env var LDAPTLS_CACERT (see ldap.conf(5), section "ENVIRONMENT VARIABLES"). As a work-around I'm now setting the trusted CA cert within the Python script via ldap_setoption(). I consider this a serious bug. Unfortunately my attempts to track this down did not end with concrete results. Not even enough to write a bug report. Ciao, Michael.