GNU bug report logs - #38254
Download code should honor /etc/ssl/certs/*.crt

Previous Next

Package: guix;

Reported by: Ludovic Courtès <ludovic.courtes <at> inria.fr>

Date: Mon, 18 Nov 2019 09:33:02 UTC

Severity: normal

Done: Ludovic Courtès <ludo <at> gnu.org>

Bug is archived. No further changes may be made.

Full log

View this message in rfc822 format

From: Ludovic Courtès <ludovic.courtes <at> inria.fr>
To: bug-Guix <at> gnu.org
Subject: bug#38254: Download code should honor /etc/ssl/certs/*.crt
Date: Mon, 18 Nov 2019 10:29:06 +0100

Hello,

Some distros such as CentOS 7 with its ‘ca-certificates’ package provide
nothing but a certificate bundle in /etc/ssl:

--8<---------------cut here---------------start------------->8---
$ ls -l /etc/ssl/certs/
total 12
lrwxrwxrwx. 1 root root   49  8 nov.  16:44 ca-bundle.crt -> /etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem
lrwxrwxrwx. 1 root root   55  8 nov.  16:44 ca-bundle.trust.crt -> /etc/pki/ca-trust/extracted/openssl/ca-bundle.trust.crt
-rwxr-xr-x. 1 root root  610 30 oct.   2018 make-dummy-cert
-rw-r--r--. 1 root root 2516 30 oct.   2018 Makefile
-rwxr-xr-x. 1 root root  829 30 oct.   2018 renew-dummy-cert
--8<---------------cut here---------------end--------------->8---

As of commit 9c9982dc0c8c38ce3821b154b7e92509c1564317, ‘guix download’ &
co. (anything that relies on (guix build download)) fail because they
looks for /etc/ssl/certs/*.pem by default and there’s no such file.

Thanks,
Ludo’.

This bug report was last modified 5 years and 269 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.

GNU bug report logs - #38254 Download code should honor /etc/ssl/certs/*.crt

GNU bug report logs - #38254
Download code should honor /etc/ssl/certs/*.crt