Skip site navigation (1)Skip section navigation (2)
Date:      Thu, 30 Aug 2012 22:36:12 +0300
From:      Alexander Kapshuk <alexander.kapshuk@gmail.com>
To:        Ruslan Mahmatkhanov <cvs-src@yandex.ru>
Cc:        python@FreeBSD.org
Subject:   Re: Mercurial CA Certificates
Message-ID:  <503FC0AC.3090704@gmail.com>
In-Reply-To: <503FBB43.2050507@yandex.ru>
References:  <50312651.7020202@gmail.com> <503E66B5.2020809@yandex.ru> <503E7CF0.3040802@gmail.com> <503FBB43.2050507@yandex.ru>

next in thread | previous in thread | raw e-mail | index | archive | help
On 08/30/2012 10:13 PM, Ruslan Mahmatkhanov wrote:
>>> As far I understand, FreeBSD doesn't come prepackaged with root CA
>>> certificates like other systems do (it's not 146%, but seems so). So,
>>> I'd follow recommendation from [1] in part "2.7. Other platforms".
>>>
>>> - download CA list from [2]
>>> - put this lines into your ~/.hgrc:
>>>
>>> [web]
>>> cacerts = /place/where/you/put/cacert.pem
>>>
>>> Hope this helps.
>>>
>>> [1] http://mercurial.selenic.com/wiki/CACertificates
>>> [2] http://curl.haxx.se/docs/caextract.html
>>>
>> OK. Thanks. I'll give that a try.
>
> Just realized that there is security/ca_root_nss that installs the 
> certs into /usr/local/share/certs and the port itself asks if you want 
> to create symlink to it in /etc/ssl/cert.pem. You may add any of them 
> into your ~/.hgrc. Please let me know if it works for you, and if it 
> is, it should be added into mercurial's wiki, and maybe to our 
> mercurial port as pkg-message or so.
I haven't had a chance to try your initial suggestion yet. I'm willing 
to give the security/ca_root_nss port a try first over the next couple 
of days.

I'll let you and the mailing list know how I go.

Thanks.




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?503FC0AC.3090704>