Date: Wed, 22 Apr 2015 13:30:13 +0000 From: bugzilla-noreply@freebsd.org To: ruby@FreeBSD.org Subject: maintainer-feedback requested: [Bug 199611] lang/ruby20: DEFAULT_CERT_FILE is incorrect Message-ID: <bug-199611-21402-pOFHLv9Qug@https.bugs.freebsd.org/bugzilla/> In-Reply-To: <bug-199611-21402@https.bugs.freebsd.org/bugzilla/> References: <bug-199611-21402@https.bugs.freebsd.org/bugzilla/>
next in thread | previous in thread | raw e-mail | index | archive | help
renchap@cocoa-x.com has reassigned Bugzilla Automation <bugzilla@FreeBSD.org>'s request for maintainer-feedback to ruby@FreeBSD.org: Bug 199611: lang/ruby20: DEFAULT_CERT_FILE is incorrect https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=199611 --- Description --- When you build ruby with openssl from ports, it uses non-existent and non-standard path to get CA files : $ ruby -ropenssl -e 'puts OpenSSL::X509::DEFAULT_CERT_FILE' /usr/local/openssl/cert.pem $ ruby -ropenssl -e 'puts OpenSSL::X509::DEFAULT_CERT_DIR' /usr/local/openssl/certs Most ports uses /usr/local/etc/ssl/cert.pem, and this is the path installed by the ca-root-nss port At the moment you need to create this symlink before using SSL in ruby, and many people disable ssl certs checks because of this. Having sane defaults would be very helpful. Note: when using openssl from base, it uses /etc/ssl/cert.pem, which is created as asymlink to /usr/local/etc/ssl/cert.pem by ca-root-nss
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-199611-21402-pOFHLv9Qug>