[ca-certificates-utils] /etc/libressl/cert.pem should use certs from /etc/ca-certificates/
| Task Info (Flyspray) | |
|---|---|
| Opened By | nl6720 (nl6720) |
| Task ID | 69298 |
| Type | Feature Request |
| Project | Community Packages |
| Category | Packages |
| Version | None |
| OS | All |
| Opened | 2021-01-12 07:56:23 UTC |
| Status | Assigned |
| Assignee | Levente Polyak (anthraxx) |
| Assignee | Bruno Pagani (ArchangeGabriel) |
| Assignee | T.J. Townsend (blakkheim) |
Details
Description:
The libressl package ships with its own CA certificates packed in /etc/libressl/cert.pem. This doesn't seem right. It should instead use the certs from /etc/ca-certificates/extracted/tls-ca-bundle.pem like it's done for openssl with the /etc/ssl/cert.pem -> ../ca-certificates/extracted/tls-ca-bundle.pem symlink provided by ca-certificates-utils.
IMHO /etc/libressl/cert.pem should be removed from libressl and ca-certificates-utils should provide a /etc/libressl/cert.pem -> ../ca-certificates/extracted/tls-ca-bundle.pem symlink.
Additional info:
- package version(s)
- config and/or log files etc.
- link to upstream bug report, if any libressl 3.2.3-1 ca-certificates-utils 20181109-4 ca-certificates 20181109-4 ca-certificates-mozilla 3.60.1-1
Steps to reproduce: $ diff /etc/ssl/cert.pem /etc/libressl/cert.pem