Open Gau-thier opened 1 year ago
Thanks for your report. Would you mind to run the command security find-certificate -a -p /System/Library/Keychains/SystemRootCertificates.keychain
and provide the output?
security find-certificate -a -p
I've got a similar problem on a debian with a few cert issues. It seems there's some cruft from previous config. One of the messages refers to a path that no longer exists, so it may be related to an error-handling issue having to do with missing or null values.
I re-created the missing directory and appended the content from another file to the absent file to work around it.
After that semgrep --config auto worked without an error.
Thanks for your comment. On debian, the following paths should be looked up in order: ( Debian/Ubuntu/Gentoo etc. ) "/etc/ssl/certs/ca-certificates.crt"; ( CentOS/RHEL 7 ) "/etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem"; ( OpenSUSE ) "/etc/ssl/ca-bundle.pem";
So, does "/etc/ssl/certs/ca-certificates.crt" exist on your system and is a file?
It seems there's some cruft from previous config.
Sorry to hear about that.
One of the messages refers to a path that no longer exists, so it may be related to an error-handling issue having to do with missing or null values.
Would you mind to elaborate: which path does no longer exist? And which "error-handling issues" are you talking about?
Can I customize the path of the trust anchor file?
Can I customize the path of the trust anchor file?
Yes indeed -- as documented in the API docs https://ocaml.org/p/ca-certs/latest/doc/Ca_certs/index.html#val-trust_anchors you can set the environment variable(s) "SSL_CERT_FILE" or "NIX_SSL_CERT_FILE", which are then respected.
Can I customize the path of the trust anchor file?
Yes indeed -- as documented in the API docs https://ocaml.org/p/ca-certs/latest/doc/Ca_certs/index.html#val-trust_anchors you can set the environment variable(s) "SSL_CERT_FILE" or "NIX_SSL_CERT_FILE", which are then respected.
Thank you so much, it works
I am facing the following error on my project:
Here are the details: