Add an RPM for the root certs
Issue #32
new
If I try to clone a https git url I get the following:
-bash-4.3$ git clone https://github.com/rpm-software-management/rpm.git
Cloning into 'rpm'...
fatal: unable to access 'https://github.com/rpm-software-management/rpm.git/': SSL certificate problem: unable to get local issuer certificate
-bash-4.3$
The solution of course is to grab ca-certificates.crt from a linux box or git for windows. The better solution would be if we made an RPM for the ssl certs.
I tried grabbing the fedora RPM sources for the mozilla root certs. Discovered that rpm 3.0.5 won't build that spec. So before I go down the rabbit hole of building RPM 4 on PASE I figured I'd ask here what the best way to proceed would be?
Comments (2)
-
-
Best is going to be a combination of p11-kit and update-ca-certificates along with the Mozilla root certs. This is exactly what SUSE does and probably other Linux distros.
- Log in to comment
What I do is download the cacerts from curl's website. I put it in
~/certs/cacert.pem
and then run commands as follows:The best solution would be to figure out where git/curl/wget/etc are looking for certs by default and then put together directions to symlink our way to them all working. Once we have the symlinks setup we just need to
wget https://curl.haxx.se/ca/cacert.pem
to the symlink'd directory and everything should be snappy.##Thoughts?