From owner-freebsd-questions@FreeBSD.ORG Wed Aug 27 17:54:32 2014 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 09C2C8B0 for ; Wed, 27 Aug 2014 17:54:32 +0000 (UTC) Received: from na01-by2-obe.outbound.protection.outlook.com (mail-by2lp0243.outbound.protection.outlook.com [207.46.163.243]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (Client CN "mail.protection.outlook.com", Issuer "MSIT Machine Auth CA 2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id CA97D3472 for ; Wed, 27 Aug 2014 17:54:30 +0000 (UTC) Received: from [IPv6:2601:2:4780:2fd:3cfa:1b41:db29:34df] (2601:2:4780:2fd:3cfa:1b41:db29:34df) by DM2PR0301MB0845.namprd03.prod.outlook.com (25.160.215.143) with Microsoft SMTP Server (TLS) id 15.0.1015.19; Wed, 27 Aug 2014 17:54:27 +0000 Message-ID: <53FE1B4C.5030307@my.hennepintech.edu> Date: Wed, 27 Aug 2014 12:54:20 -0500 From: Andrew Berg User-Agent: Mozilla/5.0 (Windows NT 6.2; WOW64; rv:31.0) Gecko/20100101 Thunderbird/31.0 MIME-Version: 1.0 To: Subject: Re: fetch problem on relatively new 10.0-RELEASE-p7 host References: In-Reply-To: Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit X-Originating-IP: [2601:2:4780:2fd:3cfa:1b41:db29:34df] X-ClientProxiedBy: BN3PR0301CA0022.namprd03.prod.outlook.com (25.160.180.160) To DM2PR0301MB0845.namprd03.prod.outlook.com (25.160.215.143) X-Microsoft-Antispam: BCL:0;PCL:0;RULEID:;UriScan:; X-Forefront-PRVS: 0316567485 X-Forefront-Antispam-Report: SFV:NSPM; SFS:(6009001)(189002)(24454002)(51704005)(199003)(54356999)(65956001)(86362001)(90102001)(23676002)(65806001)(20776003)(31966008)(102836001)(76482001)(87266999)(76176999)(50986999)(83322001)(80316001)(80022001)(79102001)(101416001)(19580395003)(64706001)(65816999)(230783001)(59896002)(42186005)(77982001)(74662001)(85306004)(47776003)(33656002)(83506001)(46102001)(95666004)(2351001)(88552001)(106356001)(81542001)(83072002)(85852003)(81342001)(89122001)(107886001)(107046002)(21056001)(92566001)(75432001)(77096002)(99396002)(74502001)(64126003)(4396001)(50466002)(92726001)(87976001)(105586002)(110136001)(89472002)(3826002); DIR:OUT; SFP:; SCL:1; SRVR:DM2PR0301MB0845; H:[IPv6:2601:2:4780:2fd:3cfa:1b41:db29:34df]; FPR:; MLV:nov; PTR:InfoNoRecords; MX:1; A:0; LANG:en; X-OriginatorOrg: my.hennepintech.edu X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 27 Aug 2014 17:54:32 -0000 On 2014.08.27 12:19, Michael Sierchio wrote: > It seems, after running in verbose mode, that the (undocumented in the > man page) default location for the trusted Root CA bundle is > > /etc/ssl/cert.pem > > which doesn't exist. I created a symlink to > > /usr/local/share/certs/ca-root-nss.crt > > and fetching from a URI whose method is HTTPS now works. Yes, naturally, something in base would go looking in /etc rather than /usr/local/etc. The ca_root_nss port has an option to create this symlink. There is also an environment variable available to make fetch download something anyway. I forget what it is, but I'm pretty sure it's documented in the fetch(3) man page or such.