I came across
https://fedoraproject.org/wiki/PackagingDrafts/Certificates
while trying to figure out how best to manage adding our private CA
certificate to openssl's list of CA certificates. Unfortunately it appears
that currently openssl only uses the single file /etc/pki/tls/cert.pem. This
makes it hard to add one's own CAs and still get updates.
Has there been any progress in this area? Any hope of a /etc/pkg/tls/cert.d/
directory where you could drop CA certs?
--
Orion Poplawski
Technical Manager 303-415-9701 x222
NWRA/CoRA Division FAX: 303-415-9702
3380 Mitchell Lane orion(a)cora.nwra.com
Boulder, CO 80301
http://www.cora.nwra.com