From mboxrd@z Thu Jan 1 00:00:00 1970 From: Andreas Enge Subject: Re: [PATCH] gnu: gnutls: Configure location of system-wide trust store Date: Sun, 15 Feb 2015 10:16:32 +0100 Message-ID: <20150215091632.GA9692@debian> References: <87r3u7di49.fsf@netris.org> <20150204123652.GA21908@debian.eduroam.u-bordeaux.fr> <87wq3jah2w.fsf@netris.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Return-path: Received: from eggs.gnu.org ([2001:4830:134:3::10]:52286) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1YMvJh-0005Jh-VD for guix-devel@gnu.org; Sun, 15 Feb 2015 04:16:46 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1YMvJd-0007dn-BJ for guix-devel@gnu.org; Sun, 15 Feb 2015 04:16:41 -0500 Received: from mout.kundenserver.de ([212.227.126.131]:54537) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1YMvJd-0007dc-2i for guix-devel@gnu.org; Sun, 15 Feb 2015 04:16:37 -0500 Content-Disposition: inline In-Reply-To: <87wq3jah2w.fsf@netris.org> List-Id: "Development of GNU Guix and the GNU System distribution." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org Sender: guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org To: Mark H Weaver Cc: guix-devel@gnu.org Hello Mark, I am a bit lost with this explanation: On Sun, Feb 15, 2015 at 12:17:59AM -0500, Mark H Weaver wrote: > I've set GIT_SSL_CAINFO in my environment for a long time to make Git > check certificates properly on GuixSD, but without the single-file > certificate bundle, I've lost certificate checking in Git. Is this because upon installing nss-certs, you uninstalled your single file? Since we had no certificates at all before, I fail to understand how the situation could be worse now than it was. Would implementing the p11-kit suggestion for gnutls solve the problem? Your further analysis might also imply that we need search path definitions for git and curl (although this does not seem to be enough at the moment). Andreas