Date: Sun, 28 Dec 2014 14:57:19 -0800 From: Michael Sierchio <kudzu@tenebras.com> To: David Benfell <benfell@parts-unknown.org> Cc: FreeBSD Questions <freebsd-questions@freebsd.org> Subject: Re: what's the story with openssl? Message-ID: <CAHu1Y71ez=Xej1cdBebEmuYpjZBTTjPmEKhaypH1XFYiCyucyw@mail.gmail.com> In-Reply-To: <20141228184319.GA84504@home.parts-unknown.org> References: <20141228184319.GA84504@home.parts-unknown.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, Dec 28, 2014 at 10:43 AM, David Benfell <benfell@parts-unknown.org> wrote: > > This seems like it should be an unbelievably stupid question. But I > guess FreeBSD's idea of sane defaults for openssl do not accord with > my idea of sane defaults for openssl. > > I have tried the security/ca_root_nss port now both with and without > the option to create the link in /etc. It doesn't help. > > Why am I having to specify --ca-certificate > /usr/local/share/certs/ca-root-nss.crt to make wget work? What do I > have to do to make this not necessary--and *stay* not necessary? fetch (in the base system) uses environment variables, so you could set SSL_CA_CERT_FILE to the proper value with fetch. I don't remember of the top of my head how defaults are set in wget.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAHu1Y71ez=Xej1cdBebEmuYpjZBTTjPmEKhaypH1XFYiCyucyw>