./security/mozilla-rootcerts-openssl, Wedge for installing and managing mozilla-rootcerts

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: pkgsrc-2022Q3, Version: 2.8, Package name: mozilla-rootcerts-openssl-2.8, Maintainer: dholland

This package configures the Mozilla rootcerts bundle CAs as trust
anchors in OpenSSL, so that programs using OpenSSL will be able to use
them to validate SSL certificates.

For pkgsrc-provided OpenSSL, this package modifies
${PREFIX}/etc/ssl/certs, which belongs to another package. This is
somewhat irregular as packages should not modify content under etc.

For native OpenSSL, it modifies the base system OpenSSL certificate
directory, e.g. /etc/openssl/certs or /etc/ssl/certs. This is
necessary to configure trust anchors for native OpenSSL, so that
progams in pkgsrc can use these CA certs in validation. Modification
of /etc is very irregular as pkgsrc should not write anything outside
of ${PREFIX}.

See also the mozilla-rootcerts package (which this one depends on) for
placing the Mozilla CA list in the filesystem but not configuring it
into OpenSSL, as well as a script to aid in manual configuration of
trust anchors.


Version history: (Expand)