Date: Tue, 25 Feb 2014 12:42:29 -0800 From: "R. Tyler Croy" <tyler@monkeypox.org> To: Zach Leslie <zach@puppetlabs.com> Cc: puppet-bsd@googlegroups.com, gecko@FreeBSD.org Subject: Re: SSL verification issues when installing modules from the Forge Message-ID: <20140225204229.GX85115@kiwi> In-Reply-To: <20140225194628.GK83500@prozach.local> References: <20140224003807.GD85115@kiwi> <20140224175709.GH83500@prozach.local> <20140224181517.GK85115@kiwi> <20140225194628.GK83500@prozach.local>
next in thread | previous in thread | raw e-mail | index | archive | help
--+9WMDU/RdULAIC7Q Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Hello gecko@! I'm CC'ing you on this thread already in progress, I hope you don't mind! On Tue, 25 Feb 2014, Zach Leslie wrote: > > Bingo! This works: > >=20 > > % pkg install puppet ca_root_nss > > % ln -s /usr/local/share/certs/ca-root-nss.crt /etc/ssl/cert.pem > > % puppet module install zleslie/pkgng > >=20 > > Perhaps I should file a bug against the puppet FreeBSD port to specify = the > > dependency correctly, and perhaps the puppet port should create the sym= bolic > > link? >=20 > Linking as part of the puppet port would work, though I really think > this is the job of the ca_root_nss port. I'm not sure why its disabled > by default. It might be worth reaching out to the port maintainers. Gecko, I'm curious whether it would be possible to update the ca_root_nss port's ETCSYMLINK option to default to true? In the case of installing ca_root_nss from pkgng, the option cannot be changed by a user installing t= he package, so the symlink won't exist, which causes problems :( If this isn't something you're comfortable with changing, it'd be helpful to understand why, so we could explore other means of solving the problem and document them accordingly. Cheers - R. Tyler Croy ------------------------------------------------------ Code: <https://github.com/rtyler> Chatter: <https://twitter.com/agentdero> % gpg --keyserver keys.gnupg.net --recv-key 3F51E16F ------------------------------------------------------ --+9WMDU/RdULAIC7Q Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (FreeBSD) iEYEARECAAYFAlMNADUACgkQFCbH3D9R4W+YFwCdHqrx8/pv0Z88Q8XFvIv3Bvhl JtAAn06JNB2f4QaIBTZOc5iixNq4YeVS =KUkM -----END PGP SIGNATURE----- --+9WMDU/RdULAIC7Q--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20140225204229.GX85115>