From owner-freebsd-questions@FreeBSD.ORG Mon Dec 29 04:27:40 2014 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id C15A285C for ; Mon, 29 Dec 2014 04:27:40 +0000 (UTC) Received: from mail-oi0-x229.google.com (mail-oi0-x229.google.com [IPv6:2607:f8b0:4003:c06::229]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 8EAA21AB5 for ; Mon, 29 Dec 2014 04:27:40 +0000 (UTC) Received: by mail-oi0-f41.google.com with SMTP id i138so23300473oig.0 for ; Sun, 28 Dec 2014 20:27:39 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=LU6HgBcYS8zGqMUyLw3b6QMtzdRPG+omnKyiku4RctE=; b=eIc6F//4LzneavwUjOL6CQnOYMhBQUiFwMepgvFPR/VL10qX5yYbXC3ABvJldNMRVG mdvE+ledgZJA/7VLsielps2oqDQpnCitBgTkn5iqQRZd22XwsOxdRpSgJmTBaRB/F5ov VL6ZpisW/qPoyBggMDERq4GXFo1HJM0i3WCb+wg+Y9tSKHISMugzORW8RyBs5VQDvnOy QvwJXv/d6oaJA5IccRHtVXLZsAn0tsrs2mrd7hD1vnTaNOMCzman0A4Y5SRTQhR2SGer 0/iXRIImpNa77uG5M6kZyVFRJgvb9RGZ2/RqA/tRlVd7Wh4mMTf8hPkbty+VG4VFv0ET VqaA== MIME-Version: 1.0 X-Received: by 10.202.176.132 with SMTP id z126mr14026683oie.41.1419827259428; Sun, 28 Dec 2014 20:27:39 -0800 (PST) Received: by 10.182.247.74 with HTTP; Sun, 28 Dec 2014 20:27:39 -0800 (PST) In-Reply-To: <20141228184319.GA84504@home.parts-unknown.org> References: <20141228184319.GA84504@home.parts-unknown.org> Date: Sun, 28 Dec 2014 20:27:39 -0800 Message-ID: Subject: Re: what's the story with openssl? From: jungle Boogie To: David Benfell Content-Type: text/plain; charset=UTF-8 Cc: FreeBSD Questions X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 29 Dec 2014 04:27:40 -0000 Hi David, On 28 December 2014 at 10:43, David Benfell wrote: > Hi all, > > This seems like it should be an unbelievably stupid question. But I > guess FreeBSD's idea of sane defaults for openssl do not accord with > my idea of sane defaults for openssl. > > I have tried the security/ca_root_nss port now both with and without > the option to create the link in /etc. It doesn't help. > > Why am I having to specify --ca-certificate > /usr/local/share/certs/ca-root-nss.crt to make wget work? What do I > have to do to make this not necessary--and *stay* not necessary? > I use fetch and a last year or so I came across this: http://smyck.net/2014/01/22/freebsd-authentication-error/ I don't even know if this applies anymore with 10.1+ > Thanks! > -- > David Benfell > See https://parts-unknown.org/node/2 if you don't understand the > attachment. -- ------- inum: 883510009027723 sip: jungleboogie@sip2sip.info xmpp: jungle-boogie@jit.si