Cristian Rodríguez schrieb:
Something must hard require ca-certificates for the package manager to be functional by default, It is libcrypto that ends *using* the package, but any application that calls SSL_CTX_set_default_verify_paths will need it. before just sticking a "Requires: ca-certificates" to the libopenssl package I want to know if this is intentional to force calling applications to require the package in question or is simply an oversight.
ca-certificates doesn't include any certificates. So requiring it won't have the desired effect. ca-certificates recommends ca-certificates-mozilla which includes the recommended set of root CA certs. But then libopenssl1_1* already recommends ca-certificates-mozilla too so noop again. ca-certificates-mozilla is not hard required anywhere as appliances or containers may want to operate with a different set of CA certs. IOW if you install with --no-recommends you better know what you are doing. Looks like you spent some thought on deciding that "systemd shadow zypper openSUSE-release vim" is sufficient for your use case, intentionally left out ca-certificates-mozilla and yet used https for the repo. You have to decide what you want :-) cu Ludwig -- (o_ Ludwig Nussel //\ V_/_ http://www.suse.com/ SUSE Linux GmbH, GF: Felix Imendörffer, Jane Smithard, Graham Norton, HRB 21284 (AG Nürnberg) -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org