Certificate Authorities: curl-ca-bundle, certsync, keychain
Landon Fuller
landonf at macports.org
Fri Dec 6 06:10:12 PST 2013
On Nov 28, 2013, at 10:32 , Rainer Müller <raimue at macports.org> wrote:
> The only catch is that custom added certificates or trust anchors need
> to be in the system keychain to be picked up by certsync by default.
Yeah, this was an unfortunate trade-off; since certsync is a system-wide daemon, and the resulting CA certs file is also system-wide, it seemed to be the most appropriate course of action. Most of the alternatives involve patching OpenSSL and some of the software that depends on it, which is a road I'm personally wary of committing to.
-landonf
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 163 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <https://lists.macosforge.org/pipermail/macports-dev/attachments/20131206/5d15fc56/attachment.sig>
More information about the macports-dev
mailing list