Linux

9696 readers

331 users here now

A community for everything relating to the GNU/Linux operating system (except the memes!)

Also, check out:

Original icon base courtesy of lewing@isc.tamu.edu and The GIMP

founded 2 years ago

MODERATORS

Ategon@programming.dev

anzo@programming.dev

dwraf_of_ignorance@programming.dev

Finding a successor to the FHS (lwn.net)

submitted 1 month ago by cm0002@lemmy.world to c/linux@programming.dev

8 comments fedilink hide all child comments

you are viewing a single comment's thread
view the rest of the comments

[–] FizzyOrange@programming.dev 5 points 1 month ago (1 children)

If they could just decide where TLS certificates live...

[–] Samueru_sama@programming.dev 4 points 1 month ago* (last edited 1 month ago) (1 children)

Most distros have /etc/ssl/certs/ca-certificates.crt, sometimes it is a symlink but that location is there in ubuntu, alpine, fedora and arch.

edit: Also you can usually change this location with an env variable.

[–] FizzyOrange@programming.dev 4 points 1 month ago (1 children)

If only it were so simple. https://serverfault.com/a/722646

[–] Samueru_sama@programming.dev 3 points 1 month ago

That's the real location of the certs, but once again they usually make a symlink in /etc/ssl/certs/ca-certificates.crt

One library that is problematic is p11-kit, this one usually comes with a different path to the certs hardcoded and does not respect env variables unless it is compiled with a specific flag which no distro uses.

So I had to do this hack to fix that library.