[MacPorts] #44796: certsync @1.0.7: update-ca-certificates does not process custom CAs
#44796: certsync @1.0.7: update-ca-certificates does not process custom CAs ------------------------------+-------------------------------- Reporter: carlos.laviola@… | Owner: macports-tickets@… Type: defect | Status: new Priority: Normal | Milestone: Component: ports | Version: 2.3.1 Keywords: | Port: certsync ------------------------------+-------------------------------- I have custom root and intermediate CAs I've added to the OS X keychain that work fine with Safari, but are not added to the openssl certificate store. The only CAs that seem to be added are the ones that are part of "System Roots", which isn't modifiable. Besides checking the trust values of these CAs, I've also tried to put them in the local and system stores to no avail. -- Ticket URL: <https://trac.macports.org/ticket/44796> MacPorts <http://www.macports.org/> Ports system for OS X
#44796: certsync @1.0.7: update-ca-certificates does not process custom CAs -------------------------------+----------------------- Reporter: carlos.laviola@… | Owner: landonf@… Type: defect | Status: new Priority: Normal | Milestone: Component: ports | Version: 2.3.1 Resolution: | Keywords: Port: certsync | -------------------------------+----------------------- Changes (by larryv@…): * cc: cal@… (added) * owner: macports-tickets@… => landonf@… -- Ticket URL: <https://trac.macports.org/ticket/44796#comment:1> MacPorts <http://www.macports.org/> Ports system for OS X
#44796: certsync @1.0.7: update-ca-certificates does not process custom CAs -------------------------------+----------------------- Reporter: carlos.laviola@… | Owner: landonf@… Type: defect | Status: new Priority: Normal | Milestone: Component: ports | Version: 2.3.1 Resolution: | Keywords: Port: certsync | -------------------------------+----------------------- Comment (by landonf@…): The keychain UI can be buggy when it comes to adding CAs to the appropriate trust settings store. Do your custom CAs show up if you run the following command? {{{ security dump-trust-settings -d }}} If not, chances are they aren't in the admin trust settings. You could try adding them directly from the command line (untested!) via: {{{ security add-trusted-cert -d <certfile> }}} -- Ticket URL: <https://trac.macports.org/ticket/44796#comment:2> MacPorts <http://www.macports.org/> Ports system for OS X
#44796: certsync @1.0.7: update-ca-certificates does not process custom CAs -------------------------------+----------------------- Reporter: carlos.laviola@… | Owner: landonf@… Type: defect | Status: new Priority: Normal | Milestone: Component: ports | Version: 2.3.1 Resolution: | Keywords: Port: certsync | -------------------------------+----------------------- Comment (by cal@…): I think this has never worked due to a bug in certsync. Please try again after r124828. -- Ticket URL: <https://trac.macports.org/ticket/44796#comment:3> MacPorts <http://www.macports.org/> Ports system for OS X
#44796: certsync @1.0.7: update-ca-certificates does not process custom CAs -------------------------------+----------------------- Reporter: carlos.laviola@… | Owner: landonf@… Type: defect | Status: new Priority: Normal | Milestone: Component: ports | Version: 2.3.1 Resolution: | Keywords: Port: certsync | -------------------------------+----------------------- Comment (by landonf@…): Unfortunately, having to support such ancient OS X releases has made maintaining and testing certsync a real headache :( Replying to [comment:3 cal@…]:
I think this has never worked due to a bug in certsync. Please try again after r124828.
Hrm; definitely worked for me, since I couldn't check anything out at work, etc, without a custom CA being included. -- Ticket URL: <https://trac.macports.org/ticket/44796#comment:4> MacPorts <http://www.macports.org/> Ports system for OS X
participants (1)
-
MacPorts