GNU bug report logs - #49957
[PATCH] gnu: p11-kit: Fix certificate errors from flatpak apps

Previous Next

Package: guix-patches;

Reported by: Andrew Whatson <whatson <at> gmail.com>

Date: Mon, 9 Aug 2021 14:15:02 UTC

Severity: normal

Tags: patch

Done: Ludovic Courtès <ludo <at> gnu.org>

Bug is archived. No further changes may be made.

Full log

Message #16 received at 49957-done <at> debbugs.gnu.org (full text, mbox):

From: Ludovic Courtès <ludo <at> gnu.org>
To: Andrew Whatson <whatson <at> gmail.com>
Cc: John Kehayias <john.kehayias <at> protonmail.com>, 49957-done <at> debbugs.gnu.org
Subject: Re: bug#49957: [PATCH] gnu: p11-kit: Fix certificate errors from
 flatpak apps
Date: Mon, 25 Oct 2021 21:13:42 +0200

Hi,

Andrew Whatson <whatson <at> gmail.com> skribis:

> Flatpak has a soft dependency on p11-kit, which was configured without
> knowledge of the system-wide CA certificate store.  This caused some
> flatpak apps to fail with ERR_CERT_AUTHORITY_INVALID errors.
>
> * gnu/packages/tls.scm (p11-kit): Configure with
> /etc/ssl/certs/ca-certificates.crt as a trusted path.

I pushed a similar fix on ‘master’ based on John’s patch as
b4d29851e412c6f4fea5b2d98160258b9768dee3.

We might as well update the default p11-kit though?  (Somehow I was
assuming it had many dependents, but it only has 80+.)

Thanks,
Ludo’.
This bug report was last modified 3 years and 269 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.