* wget, OpenSSL and root CA certificates
@ 2013-09-11 20:40 nu774
0 siblings, 0 replies; only message in thread
From: nu774 @ 2013-09-11 20:40 UTC (permalink / raw)
To: cygwin
Currently, root CA certificates of Cygwin are installed via
ca-certificates package, and at least libcurl sees it.
However, wget on https URL always results in verify error, since wget
relies on SSL_CTX_set_default_verify_paths() of OpenSSL, but OpenSSL
doesn't see certificates installed via ca-certificate package.
As far as I can see (using strings cygcrypto-1.0.0.dll | grep or
something), default store file for OpenSSL is configured as
/usr/ssl/cert.pem and directory is /usr/ssl/certs/.
Therefore I tried
ln -s /usr/ssl/certs/ca-bundle.crt /usr/ssl/cert.pem
and it works. Now I can use wget without --no-check-certificate.
Is it possible to link ca-bundle.crt to /usr/ssl/cert.pem like above on
ca-certificates package installation?
--
Problem reports: http://cygwin.com/problems.html
FAQ: http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2013-09-11 13:03 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2013-09-11 20:40 wget, OpenSSL and root CA certificates nu774
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).