[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
bug#46779: GnuTLS uses the hard-coded /etc/ssl/certs location for TLS ce
From: |
Maxim Cournoyer |
Subject: |
bug#46779: GnuTLS uses the hard-coded /etc/ssl/certs location for TLS certificates |
Date: |
Thu, 25 Feb 2021 15:03:01 -0500 |
Hello,
Consider this:
$ guix environment --container --network -E SSL --expose=$SSL_CERT_FILE
--expose=$SSL_CERT_DIR --ad-hoc wget -- wget https://gnu.org
It works on a Guix System, but fails on a foreign distribution, even in
a profile where nss-certs were installed and with the above SSL
environment value properly set.
This is because GnuTLS, which wget uses, looks up the certificates under
the /etc/ssl/certs hard-coded location. On Guix System, the
SSL_CERT_FILE is set to /etc/ssl/certs/ca-certificates.crt, which
explains why it works there.
We should patch GnuTLS so that it also honors the SSL_* environment
variables documented in the Guix manual.
Maxim
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- bug#46779: GnuTLS uses the hard-coded /etc/ssl/certs location for TLS certificates,
Maxim Cournoyer <=