[openssl_utils 0005193]: OpenSSL does not look for the certificates in the right place
Mantis Bug Tracker via bug-notifications
bug-notifications at lists.opencsw.org
Wed Jul 30 10:17:49 CEST 2014
The following issue has been SUBMITTED.
Reported By: laurent
Issue ID: 5193
Date Submitted: 2014-07-30 10:17 CEST
Last Modified: 2014-07-30 10:17 CEST
Summary: OpenSSL does not look for the certificates in the
I'm not 100% sure this is only an OpenSSL issue, but I think it's the right
place to start:
Symptom is that OpenCSW wget refuses to connect via https because the
certificate cannot be verified:
$ type wget
wget is hashed (/opt/csw/bin/wget)
Resolving github.com (github.com)... 126.96.36.199
Connecting to github.com (github.com)|188.8.131.52|:443... connected.
ERROR: cannot verify github.com's certificate, issued by '/C=US/O=DigiCert
Inc/OU=www.digicert.com/CN=DigiCert SHA2 Extended Validation Server CA':
Unable to locally verify the issuer's authority.
To connect to github.com insecurely, use `--no-check-certificate'.
truss shows it's failing to find it, and is looking in a non-existent
27097: xstat(2, "/opt/csw/ssl/certs/244b5494.0", 0x08046AB0) Err#2 ENOENT
Just adding a symlink to the right directory is enough to make it work:
# ln -s /etc/opt/csw/ssl/certs /opt/csw/ssl/
So I guess either the symlink should be packaged, or OpenSSL should be
built to look into /etc/opt/csw/ssl/certs by default.
My preference goes to the latter.
More information about the bug-notifications