Roll call: default SSL CA certificates on various platforms

I need to take an inventory of where SSL CA certificates are installed on
various platforms. I intend to drop the SSL CA certificate bundle installed
by Courier, rather have the configure script use the system default.

On Fedora, it's /etc/pki/tls/cert.pem, and I'd like to know, at the least,
where the certs are installed on Debian/Ubuntu, and various BSDs. Solaris
would be nice, too.



-------------------------------------------------------------------------
Sponsored by: SourceForge.net Community Choice Awards: VOTE NOW!
Studies have shown that voting for your favorite open source project,
along with a healthy diet, reduces your potential for chronic lameness
and boredom. Vote Now at http://www.sourceforge.net/community/cca08
_______________________________________________
courier-users mailing list
courier-users@...
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

Sam Varshavchik wrote:
> I need to take an inventory of where SSL CA certificates are
> installed on various platforms. I intend to drop the SSL CA
> certificate bundle installed by Courier, rather have the configure
> script use the system default.

I welcome that.

> On Fedora, it's /etc/pki/tls/cert.pem, and I'd like to know, at the
> least, where the certs are installed on Debian/Ubuntu, and various
> BSDs. Solaris would be nice, too.

On Debian /etc/ssl/certs/ca-certificates.crt contains the concatenated
certificates. This file is no symlink. The same directory holds a
symlink to each individual cert and a respective 'hashlink'. The actual
certs are installed in subdirectories in /usr/share/ca-certificates. The
user can select which of those he trusts and an update command will then
create all files in /etc/ssl/certs.

Jochen

-------------------------------------------------------------------------
Sponsored by: SourceForge.net Community Choice Awards: VOTE NOW!
Studies have shown that voting for your favorite open source project,
along with a healthy diet, reduces your potential for chronic lameness
and boredom. Vote Now at http://www.sourceforge.net/community/cca08
_______________________________________________
courier-users mailing list
courier-users@...
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

Sam Varshavchik wrote:
> On Fedora, it's /etc/pki/tls/cert.pem, and I'd like to know, at the
> least, where the certs are installed on Debian/Ubuntu, and various BSDs.
> Solaris would be nice, too.

OpenBSD has cert.pem in /etc/ssl, see:
http://www.openbsd.org/cgi-bin/cvsweb/src/lib/libssl/cert.pem

-------------------------------------------------------------------------
Sponsored by: SourceForge.net Community Choice Awards: VOTE NOW!
Studies have shown that voting for your favorite open source project,
along with a healthy diet, reduces your potential for chronic lameness
and boredom. Vote Now at http://www.sourceforge.net/community/cca08
_______________________________________________
courier-users mailing list
courier-users@...
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

Hi.

On Thursday 03 July 2008, Jochen Antesberger wrote:
> On Debian /etc/ssl/certs/ca-certificates.crt contains the concatenated
> certificates. This file is no symlink. The same directory holds a
> symlink to each individual cert and a respective 'hashlink'. The actual
> certs are installed in subdirectories in /usr/share/ca-certificates. The
> user can select which of those he trusts and an update command will then
> create all files in /etc/ssl/certs.

The very same on Gentoo.

regards, Bernd

--
Don't drink and su.


-------------------------------------------------------------------------
Sponsored by: SourceForge.net Community Choice Awards: VOTE NOW!
Studies have shown that voting for your favorite open source project,
along with a healthy diet, reduces your potential for chronic lameness
and boredom. Vote Now at http://www.sourceforge.net/community/cca08
_______________________________________________
courier-users mailing list
courier-users@...
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users