[MacPorts] #46539: GitHub fetches fail under OSX 10.5 (and presumably 10.4)
MacPorts
noreply at macports.org
Tue Jan 13 00:25:19 PST 2015
#46539: GitHub fetches fail under OSX 10.5 (and presumably 10.4)
---------------------+--------------------------------
Reporter: fw@… | Owner: macports-tickets@…
Type: defect | Status: new
Priority: Low | Milestone:
Component: base | Version: 2.3.3
Resolution: | Keywords:
Port: |
---------------------+--------------------------------
Comment (by nad@…):
"AFAICT, the system root CAs are fine, since I can access GitHub from the
old versions of Safari and Firefox on 10.5 just fine"
FWIW, on 10.5 (and earlier), the system OpenSSL and curl do not use the
same source for root CAs as either Safari or Firefox. By default, curl
looks for a certificate bundle file at /usr/share/curl/curl-ca-bundle.crt,
which you can manually update but, as noted above, that still won't help
for newer SHA256 certs. The system OpenSSL looks for root CAs in
/System/Library/OpenSSL. Starting in 10.6, if no root CA match is found
in /System/Library/OpenSSL, the system OpenSSL will consult the system
trust store of certificates via TEA (see https://hynek.me/articles/apple-
openssl-verification-surprises/ for details).
--
Ticket URL: <https://trac.macports.org/ticket/46539#comment:6>
MacPorts <https://www.macports.org/>
Ports system for OS X
More information about the macports-tickets
mailing list