Hi Maxim, > I agree that managing certs with Guix has many benefits, and having > GnuTLS honor an SSL_CERTS_DIRS environment variable would enable that.
Yes, but it would also make it hard to avoid non-Guix-managed certificates from being used, be it through user (configuration) error or malice. > Remember that installing nss-certs or your certs of choice package to a > profile is not enough to have them discovered; something such as en > environment variable and a search path specification is also necessary. That's exactly what I'd like to change (ideally, I don't know if that is even possible). Configuration via Guix and nothing but Guix. The only certificates being used are those defined in a Guix profile or environment. Cheers, Konrad.
