On Linux From Scratch, the system certificate store is set by make-ca. It saves the certificate bundle as /etc/pki/tls/certs/ca-bundle.crt, and separate certificate files into /etc/ssl/certs. Note that /etc/pki/tls/certs does not contain the separate certificate files.
With OpenSSL-3, the "wrong" SSL_CERT_DIR setting causes cURL to immediately error out with "SSL certificate problem: unable to get local issuer certificate".
Is it possible to fix the issue? Or maybe we our way to store the certificates is "insane"?
On Linux From Scratch, the system certificate store is set by make-ca. It saves the certificate bundle as
/etc/pki/tls/certs/ca-bundle.crt, and separate certificate files into/etc/ssl/certs. Note that/etc/pki/tls/certsdoes not contain the separate certificate files.Then openssl-probe produces:
With OpenSSL-3, the "wrong" SSL_CERT_DIR setting causes cURL to immediately error out with "SSL certificate problem: unable to get local issuer certificate".
Is it possible to fix the issue? Or maybe we our way to store the certificates is "insane"?