non port: security/ca_root_nss/files/pkg-message.in |
Number of commits found: 5 |
Sunday, 8 Oct 2023
|
04:36 Dag-Erling Smørgrav (des)
security/ca_root_nss: Restore the ETC_SYMLINK.
It turns out that some ports have an undisclosed dependency on the
symlink and cannot be trivially changed to use the system trust
store instead.
Amend the package message to make it clear that software which relies
on this symlink is not following recommended practice.
I will look into getting certctl(8) to provide cert.pem instead, but
it may take a while until we can rely on this being in place on all
supported releases.
This partly reverts commit 483e74f44b82.
PR: 274322
MFH: 2023Q4
Reviewed by: fluffy
Differential Revision: https://reviews.freebsd.org/D42120
52e0c40 |
Friday, 6 Oct 2023
|
15:48 Dag-Erling Smørgrav (des)
security/ca_root_nss: Use certctl instead of a symlink.
MFH: 2023Q4
Reviewed by: fluffy, sunpoet
Differential Revision: https://reviews.freebsd.org/D42045
483e74f |
Wednesday, 14 Aug 2019
|
12:16 mat
Convert to UCL & cleanup pkg-message (categories s)
|
Wednesday, 20 May 2015
|
18:08 bjk
Fix spelling of "certification authority"
Approved by: portmgr (bapt), bapt (ports committer)
|
Monday, 9 Feb 2015
|
09:44 koobs
security/ca_root_nss: Fix SSL verification for ports OpenSSL consumers
Since 2.7.9, Python verifies SSL certificates by default. Currently,
even with security/ca_root_nss installed, Python fails certificate
verification.
Upon investigation, Python uses OpenSSL's standard
SSL_CTX_load_verify_locations function to load a list of CA root
certificates.
Support was added to ca_root_nss for "out of the box" certificate
verification for a number of base utilities in r372629 [1], but this
did not include support for software that uses OpenSSL's
SSL_CTX_load_verify_locations function.
(Only the first 15 lines of the commit message are shown above )
|
Number of commits found: 5 |