SSL is broken on FreeBSD
Frank J. Cameron
cameron at ctc.com
Wed Apr 6 13:25:21 UTC 2011
On Tue, 2011-04-05 at 19:59 -0400, Dan Lukes wrote:
> > So, should the port be linking?:
> > /usr/local/ssl/cert.pem
> -> /usr/local/share/certs/ca-root-nss.crt
>
> Even in the case I'm not true and there IS "implicit -CApath" then my
> answer to your question is "No".
>
> 1. Installation of ca-root-nss.crt doesn't mean it's installed for
> use
> with openssl. So we should not affect the openssl behavior
> automatically.
It was my assumption that the port build was offering to create the link
(Dmytro Pryanyshnikov: 'ETCSYMLINK=on "Add symlink
to /etc/ssl/cert.pem"') and I assume that the default would be no
(though that would be up to the port maintainer I suppose).
------------------------------------------------------------
This message and any files transmitted within are intended
solely for the addressee or its representative and may
contain company sensitive information. If you are not the
intended recipient, notify the sender immediately and delete
this message. Publication, reproduction, forwarding, or
content disclosure is prohibited without the consent of the
original sender and may be unlawful.
Concurrent Technologies Corporation and its Affiliates.
www.ctc.com 1-800-282-4392
------------------------------------------------------------
More information about the freebsd-security
mailing list