Closed ncw closed 8 years ago
why is /etc/pki/tls/cacert.pem "standard" but /etc/ssl/cert.pem not? is the "standard" defined somewhere?
A symlink to the old location would save the Go devs from supporting yet another variation and save users of Go related addons headache after upgrading.
@sraue thanks for fixing this - looks good.
This is causing a problem for ncw/rclone#466 as the go runtime can't find the SSL certificates in openelec 7 beta.
Go doesn't use openssl it has its own SSL implementation, but it relies on finding the root certificates in a standard place.
The Go runtime looks for SSL certificates in these places (note the openelec < 7 work-around).
and from these directories
I can propose a change to the go project to look in
/etc/ssl/cert.pem
but it seems to me that storing the CA bundle in one of the standard places (or back in/etc/pki/tls/cacert.pem
) would be a better idea for openelec and avoid the go source becoming cluttered up with openelec exceptions!This change was introduced in c2e0fdc85cd3c05e9eee2b1760f426ff30695138 as far as I can see