Skip site navigation (1)Skip section navigation (2) 
Date:      Tue, 25 Feb 2014 12:42:29 -0800
From:      "R. Tyler Croy" <tyler@monkeypox.org>
To:        Zach Leslie <zach@puppetlabs.com>
Cc:        puppet-bsd@googlegroups.com, gecko@FreeBSD.org
Subject:   Re: SSL verification issues when installing modules from the Forge
Message-ID:  <20140225204229.GX85115@kiwi>
In-Reply-To: <20140225194628.GK83500@prozach.local>
References:  <20140224003807.GD85115@kiwi> <20140224175709.GH83500@prozach.local> <20140224181517.GK85115@kiwi> <20140225194628.GK83500@prozach.local>
next in thread | previous in thread | raw e-mail | index | archive | help 

[-- Attachment #1 --]
Hello gecko@! I'm CC'ing you on this thread already in progress, I hope you
don't mind!

On Tue, 25 Feb 2014, Zach Leslie wrote:

> > Bingo! This works:
> > 
> >     % pkg install puppet ca_root_nss
> >     % ln -s /usr/local/share/certs/ca-root-nss.crt /etc/ssl/cert.pem
> >     % puppet module install zleslie/pkgng
> > 
> > Perhaps I should file a bug against the puppet FreeBSD port to specify the
> > dependency correctly, and perhaps the puppet port should create the symbolic
> > link?
> 
> Linking as part of the puppet port would work, though I really think
> this is the job of the ca_root_nss port.  I'm not sure why its disabled
> by default.  It might be worth reaching out to the port maintainers.



Gecko, I'm curious whether it would be possible to update the ca_root_nss
port's ETCSYMLINK option to default to true? In the case of installing
ca_root_nss from pkgng, the option cannot be changed by a user installing the
package, so the symlink won't exist, which causes problems :(



If this isn't something you're comfortable with changing, it'd be helpful to
understand why, so we could explore other means of solving the problem and
document them accordingly.


Cheers
- R. Tyler Croy

------------------------------------------------------
     Code: <https://github.com/rtyler>;
  Chatter: <https://twitter.com/agentdero>;

  % gpg --keyserver keys.gnupg.net --recv-key 3F51E16F
------------------------------------------------------

[-- Attachment #2 --]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (FreeBSD)

iEYEARECAAYFAlMNADUACgkQFCbH3D9R4W+YFwCdHqrx8/pv0Z88Q8XFvIv3Bvhl
JtAAn06JNB2f4QaIBTZOc5iixNq4YeVS
=KUkM
-----END PGP SIGNATURE-----

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20140225204229.GX85115>