Hi Maxim,
> I agree that managing certs with Guix has many benefits, and having
> GnuTLS honor an SSL_CERTS_DIRS environment variable would enable that.
Yes, but it would also make it hard to avoid non-Guix-managed
certificates from being used, be it through user (configuration)
error or malice.
Hello Konrad,
Konrad Hinsen writes:
> Hi Maxim,
>
>> The key thing here is whether the certs are required by OpenSSL vs
>> GnuTLS. The former honors SSL_CERT_DIR, while the later does not (I
> ...
>
>> I hope that helps!
>
> Thanks, that certainly helps to understand the issues.
>
> My preferre
Wiktor Żelazny writes:
> Would it make sense to define a minimal package that includes only
> nss-certs input and use it for this purpose, then? A package that
> inherits from "hello" with nss-certs input added, for instance?
That would be a quick fix. Could it become an obstacle to a better
lon
On Mon, Oct 04, 2021 at 09:25:13AM +0200, zimoun wrote:
> On Sun, 03 Oct 2021 at 18:45, Wiktor Żelazny wrote:
>
> > For some reason, it works for me with
> >
> >--ad-hoc python nss-certs guix -- \
> If any package depending on nss-certs is added, then it works,
Would it make sense to define
Hi Maxim,
> The key thing here is whether the certs are required by OpenSSL vs
> GnuTLS. The former honors SSL_CERT_DIR, while the later does not (I
...
> I hope that helps!
Thanks, that certainly helps to understand the issues.
My preferred approach would be to manage all certificates as Guix
Hi,
Wiktor Żelazny writes:
> On Thu, Sep 30, 2021 at 12:08:53PM +0200, Konrad Hinsen wrote:
>
>>guix environment --pure \
>>--ad-hoc python nss-certs -- \
>>python3 -c 'import urllib.request;
>> print(urllib.request.urlopen("http://wwwbis.sidc.be/DATA/uset/Wlight/200
Hi Konrad,
On Mon, 04 Oct 2021 at 11:37, Konrad Hinsen wrote:
> thanks for shedding some light on this strange behavior. After some more
> exploration, the fundamental issue seems to be that many packages use
> certificates but only a very small number declare a dependence on
> nss-certs. In fac
Hi Wiktór and Simon,
thanks for shedding some light on this strange behavior. After some more
exploration, the fundamental issue seems to be that many packages use
certificates but only a very small number declare a dependence on
nss-certs. In fact, nss-certs has only three direct dependents (iced
Hi Konrad and Wiktór,
On Sun, 03 Oct 2021 at 18:45, Wiktor Żelazny wrote:
> On Thu, Sep 30, 2021 at 12:08:53PM +0200, Konrad Hinsen wrote:
>
>>guix environment --pure \
>>--ad-hoc python nss-certs -- \
>>python3 -c 'import urllib.request;
>> print(urllib.request.urlop
On Thu, Sep 30, 2021 at 12:08:53PM +0200, Konrad Hinsen wrote:
>guix environment --pure \
>--ad-hoc python nss-certs -- \
>python3 -c 'import urllib.request;
> print(urllib.request.urlopen("http://wwwbis.sidc.be/DATA/uset/Wlight/2003/11/UPH20031109112104.FTS";))'
>
> b
Dear Guix experts,
I am trying to move the execution of a Python script into a pure
environment, but it fails because of certificate issues for which I am
looking for a good fix.
The minimal example I came up with is:
guix environment --pure \
--ad-hoc python -- \
python
11 matches
Mail list logo
