[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Certificates in pure and containerized environments
|
From: |
Konrad Hinsen |
|
Subject: |
Re: Certificates in pure and containerized environments |
|
Date: |
Fri, 08 Oct 2021 10:47:33 +0200 |
Hi Maxim,
> The key thing here is whether the certs are required by OpenSSL vs
> GnuTLS. The former honors SSL_CERT_DIR, while the later does not (I
...
> I hope that helps!
Thanks, that certainly helps to understand the issues.
My preferred approach would be to manage all certificates as Guix
packages, and not have any environment variables. That would be the
opposite of your proposal to make GnuTLS honor SSL_CERT_DIRS. It's
always a mess to have multiple uncoordinated environment managers.
I do see the difficulty for those who need personal certificates and
don't know how to package them in Guix, but that could be solved by a
dedicated tool.
Cheers,
Konrad