This is the mail archive of the cygwin mailing list for the Cygwin project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

wget, OpenSSL and root CA certificates

From: nu774 <honeycomb77 at gmail dot com>
To: cygwin at cygwin dot com
Date: Wed, 11 Sep 2013 22:03:27 +0900
Subject: wget, OpenSSL and root CA certificates
Authentication-results: sourceware.org; auth=none

Currently, root CA certificates of Cygwin are installed via
ca-certificates package, and at least libcurl sees it.
However, wget on https URL always results in verify error, since wget
relies on SSL_CTX_set_default_verify_paths() of OpenSSL, but OpenSSL
doesn't see certificates installed via ca-certificate package.

As far as I can see (using strings cygcrypto-1.0.0.dll | grep or
something), default store file for OpenSSL is configured as
/usr/ssl/cert.pem and directory is /usr/ssl/certs/.
Therefore I tried
ln -s /usr/ssl/certs/ca-bundle.crt /usr/ssl/cert.pem
and it works. Now I can use wget without --no-check-certificate.

Is it possible to link ca-bundle.crt to /usr/ssl/cert.pem like above on
ca-certificates package installation?

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]