Hi Maxim, > The key thing here is whether the certs are required by OpenSSL vs > GnuTLS. The former honors SSL_CERT_DIR, while the later does not (I ...
> I hope that helps! Thanks, that certainly helps to understand the issues. My preferred approach would be to manage all certificates as Guix packages, and not have any environment variables. That would be the opposite of your proposal to make GnuTLS honor SSL_CERT_DIRS. It's always a mess to have multiple uncoordinated environment managers. I do see the difficulty for those who need personal certificates and don't know how to package them in Guix, but that could be solved by a dedicated tool. Cheers, Konrad
