maintainer-feedback requested: [Bug 199611] lang/ruby20: DEFAULT_CERT_FILE is incorrect

bugzilla-noreply Wed, 22 Apr 2015 06:31:35 -0700

renc...@cocoa-x.com has reassigned Bugzilla Automation <bugzi...@freebsd.org>'s
request for maintainer-feedback to r...@freebsd.org:
Bug 199611: lang/ruby20: DEFAULT_CERT_FILE is incorrect
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=199611




--- Description ---
When you build ruby with openssl from ports, it uses non-existent and
non-standard path to get CA files :
$ ruby -ropenssl -e 'puts OpenSSL::X509::DEFAULT_CERT_FILE'
/usr/local/openssl/cert.pem
$ ruby -ropenssl -e 'puts OpenSSL::X509::DEFAULT_CERT_DIR'
/usr/local/openssl/certs

Most ports uses /usr/local/etc/ssl/cert.pem, and this is the path installed by
the ca-root-nss port

At the moment you need to create this symlink before using SSL in ruby, and
many people disable ssl certs checks because of this. Having sane defaults
would be very helpful.

Note: when using openssl from base, it uses /etc/ssl/cert.pem, which is created
as asymlink to /usr/local/etc/ssl/cert.pem by ca-root-nss
_______________________________________________
freebsd-ruby@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-ruby
To unsubscribe, send any mail to "freebsd-ruby-unsubscr...@freebsd.org"

maintainer-feedback requested: [Bug 199611] lang/ruby20: DEFAULT_CERT_FILE is incorrect

Reply via email to