Fossil SCM
Noted that linking Fossil to an OpenSSL built from source opens the user to the "no root certs" problem previously solved in www/ssl.wiki.
Commit
c563be15526be6f215521fd3fc084b95907fd93b9f613e275ec8741698d9fdda
Parent
1e21abda9addd71…
1 file changed
+8
-2
+8
-2
| --- www/ssl.wiki | ||
| +++ www/ssl.wiki | ||
| @@ -154,12 +154,18 @@ | ||
| 154 | 154 | |
| 155 | 155 | <pre> |
| 156 | 156 | fossil set --global ssl-ca-location /path/to/cacert.pem |
| 157 | 157 | </pre> |
| 158 | 158 | |
| 159 | -Linux platforms tend to provide such a root cert store along with the | |
| 160 | -platform OpenSSL package, either built-in or as a hard dependency. | |
| 159 | +This can also happen if you've linked Fossil to a version of OpenSSL | |
| 160 | +[built from source](#openssl-src). That same `cacert.pem` fix can work | |
| 161 | +in that case, too. | |
| 162 | + | |
| 163 | +When you build Fossil on Linux platforms against the binary OpenSSL | |
| 164 | +package provided with the OS, you typically get a root cert store along | |
| 165 | +with the platform OpenSSL package, either built-in or as a hard | |
| 166 | +dependency. | |
| 161 | 167 | |
| 162 | 168 | |
| 163 | 169 | <h4>Client-Side Certificates</h4> |
| 164 | 170 | |
| 165 | 171 | You can also use client side certificates to add an extra layer of |
| 166 | 172 |
| --- www/ssl.wiki | |
| +++ www/ssl.wiki | |
| @@ -154,12 +154,18 @@ | |
| 154 | |
| 155 | <pre> |
| 156 | fossil set --global ssl-ca-location /path/to/cacert.pem |
| 157 | </pre> |
| 158 | |
| 159 | Linux platforms tend to provide such a root cert store along with the |
| 160 | platform OpenSSL package, either built-in or as a hard dependency. |
| 161 | |
| 162 | |
| 163 | <h4>Client-Side Certificates</h4> |
| 164 | |
| 165 | You can also use client side certificates to add an extra layer of |
| 166 |
| --- www/ssl.wiki | |
| +++ www/ssl.wiki | |
| @@ -154,12 +154,18 @@ | |
| 154 | |
| 155 | <pre> |
| 156 | fossil set --global ssl-ca-location /path/to/cacert.pem |
| 157 | </pre> |
| 158 | |
| 159 | This can also happen if you've linked Fossil to a version of OpenSSL |
| 160 | [built from source](#openssl-src). That same `cacert.pem` fix can work |
| 161 | in that case, too. |
| 162 | |
| 163 | When you build Fossil on Linux platforms against the binary OpenSSL |
| 164 | package provided with the OS, you typically get a root cert store along |
| 165 | with the platform OpenSSL package, either built-in or as a hard |
| 166 | dependency. |
| 167 | |
| 168 | |
| 169 | <h4>Client-Side Certificates</h4> |
| 170 | |
| 171 | You can also use client side certificates to add an extra layer of |
| 172 |