Re: Again on security/gnutls certificate store

2022-08-18 Thread Andrea Venturoli
On 8/15/22 09:43, Tijl Coosemans wrote: "trust list" now outputs nothing. ("Standard" "trust list" of course outputs all certs from ca_root_nss). You are right that, according to the documentation, this should work; I have no idea why it doesn't though. Try this patch instead. Works like a

Re: Again on security/gnutls certificate store

2022-08-15 Thread Tijl Coosemans
On Mon, 15 Aug 2022 08:18:36 +0900 Tatsuki Makino wrote: > Tijl Coosemans wrote on 2022/08/13 18:51: >> Try this patch for p11-kit. If it works you can file a bug against >> p11-kit, because I believe ports are supposed to move away from >> ca_root_nss. >> >> --- a/security/p11-kit/Makefile >> ++

Re: Again on security/gnutls certificate store

2022-08-15 Thread Tijl Coosemans
On Sun, 14 Aug 2022 17:10:37 +0200 Andrea Venturoli wrote: > On 8/13/22 11:51, Tijl Coosemans wrote: >> Try this patch for p11-kit. If it works you can file a bug against >> p11-kit, because I believe ports are supposed to move away from >> ca_root_nss. >> >> --- a/security/p11-kit/Makefile >> ++

Re: Again on security/gnutls certificate store

2022-08-14 Thread Tatsuki Makino
Hello. Tijl Coosemans wrote on 2022/08/13 18:51: > Try this patch for p11-kit. If it works you can file a bug against > p11-kit, because I believe ports are supposed to move away from > ca_root_nss. > > --- a/security/p11-kit/Makefile > +++ b/security/p11-kit/Makefile > @@ -25,7 +25,7 @@ MESON_AR

Re: Again on security/gnutls certificate store

2022-08-14 Thread Andrea Venturoli
On 8/13/22 11:51, Tijl Coosemans wrote: Try this patch for p11-kit. If it works you can file a bug against p11-kit, because I believe ports are supposed to move away from ca_root_nss. --- a/security/p11-kit/Makefile +++ b/security/p11-kit/Makefile @@ -25,7 +25,7 @@ MESON_ARGS= -Dbash_comple

Re: Again on security/gnutls certificate store

2022-08-13 Thread Tijl Coosemans
On Sat, 13 Aug 2022 10:35:21 +0200 Andrea Venturoli wrote: > Hello. > > I'm building my ports with Poudriere using quarterly branch. Also I need > a private CA (whose cert is is correctly hashed in /etc/ssl/certs). > > Some time ago, since gnutls didn't pick up my cert, I reported #260723 > (s

Again on security/gnutls certificate store

2022-08-13 Thread Andrea Venturoli
Hello. I'm building my ports with Poudriere using quarterly branch. Also I need a private CA (whose cert is is correctly hashed in /etc/ssl/certs). Some time ago, since gnutls didn't pick up my cert, I reported #260723 (security/gnutls uses only security/ca_root_nss as certificate store) Thi