Date: Thu, 5 Feb 2015 22:18:15 +0100 From: Kurt Jaeger <lists@opsec.eu> To: "freebsd-ports@freebsd.org" <freebsd-ports@freebsd.org> Subject: Re: pkg and https-based repo with self-signed cert Message-ID: <20150205211815.GS44537@home.opsec.eu> In-Reply-To: <01995384-5D03-4C8B-B998-83CCC128FF44@grem.de> References: <20150205205253.GQ44537@home.opsec.eu> <20150205205511.GR44537@home.opsec.eu> <01995384-5D03-4C8B-B998-83CCC128FF44@grem.de>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi!
> >> How do I get pkg to accept a self-signed cert if the repo is running
> >> under https ?
> > man 3 fetch says
> >
> > export SSL_NO_VERIFY_PEER=1
To be more exact:
cd /usr/local/etc/
cp pkg.conf.sample pkg.conf
vi pkg.conf
-------------
PKG_ENV : {
SSL_NO_VERIFY_PEER: 1
}
-------------
will do this without the explicit environment variable.
> That will accept *any* cert, not certain if that's what you want
> (depends on your use case).
Well, it's not perfect, but it's good enough for now.
> You can set environment variables in pkg.conf (PKG_ENV if I
> remember correctly)
Yes, that helped. I had to copy the syntax from the pkg.conf.sample
with the ALIASes.
--
pi@opsec.eu +49 171 3101372 5 years to go !
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20150205211815.GS44537>