Hi, On Fri, 20 Jan 2023 17:16:11 +0900, Andrea Venturoli wrote: > Base has single certs in /etc/ssl/certs, where I can add my own > private CAs' ones. > > Port provides a single bundled file in > /usr/local/etc/ssl/cert.pem. > This (at least in some cases) overrides completely the ones in > /etc/ssl/certs, so my own private CAs will not work anymore > In the end, I have to delete /usr/local/etc/ssl/cert.pem every time > the port creates it (and currently I have found no way to prevent it > from doing this).
You can put your private CAs into /usr/local/etc/ssl/certs. Running "certctl rehash" makes symlinks of the certs in /usr/local/etc/ssl/certs into /etc/ssl/certs. Sincerely, -- Hajimu UMEMOTO u...@mahoroba.org u...@freebsd.org
