Skip Tavakkolian <skip.tavakkol...@gmail.com> wrote:
|root CA certificates. David's reply jogged my memory; if i recall, i cat'ed
|/etc/ssl/certs/*.pem of the ubuntu box and it was so i could go get.
I've not really followed it but there was a thread on
OpenSSL-users which mentioned an issue ([1]).
That thread mentioned a go(1) program [2] which was later also
suggested as good by Christian Heimes (in [1]).
[1] <http://article.gmane.org/gmane.comp.encryption.openssl.user/50237>
[2] <https://github.com/agl/extract-nss-root-certs>
I'm using curl-ca-bundle from curl(1), but that's perl(1).
--steffen
--- Begin Message ---
root CA certificates. David's reply jogged my memory; if i recall, i cat'ed
/etc/ssl/certs/*.pem of the ubuntu box and it was so i could go get.
On Tue, Dec 3, 2013 at 9:44 AM, Jeff Sickel <j...@corpus-callosum.com> wrote:
> What do people use for /sys/lib/tls/ca.pem?
>
> I noticed that David added it as the default for Go’s
> crypt/x509, but do you use a blank, self-signed template,
> or an actual trusted CA chain?
>
>
>
>
--- End Message ---
