Daiderd Jordan
bfccf8e42c
cacert: add hook that sets SSL_CERT_FILE
...
Fixes #32981
2017-12-27 21:03:29 +01:00
Frederik Rietdijk
13bbaee21d
Merge pull request #27881 from mimadrid/fix/http-https
...
Update homepage attributes: http -> https
2017-08-13 21:53:20 +02:00
Franz Pletz
2d5c1226c6
cacert: really fix utf-8 certname blacklists
...
See #27576 .
2017-08-09 19:54:00 +02:00
mimadrid
09e0cc7cc7
Update homepage attributes: http -> https
...
Homepage link "http://.../ " is a permanent redirect to "https://.../ " and should be updated
https://repology.org/repository/nix_stable/problems
2017-08-03 11:56:15 +02:00
Franz Pletz
55742a2044
cacert: fix unicode names in blacklist
...
Fixes #27576 .
2017-07-31 12:26:23 +02:00
Franz Pletz
0d59fc1169
cacerts: refactor, add blacklist option
...
Previously, the list of CA certificates was generated with a perl script
which is included in curl. As this script is not very flexible, this commit
refactors the expression to use the python script that Debian uses to
generate their CA certificates from Mozilla's trust store in NSS.
Additionally, an option was added to the cacerts derivation and the
`security.pki` module to blacklist specific CAs.
2016-10-09 02:00:18 +02:00
Robert Helgesson
96fc1e19b8
cacert: remove dependency on LWP
...
The `mk-ca-bundle.pl` script manages quite well using only curl but
fails without LWP being present due to a `use` statement. This removes
the Perl import of the LWP library and adds curl as a build input.
2016-06-13 22:18:59 +02:00
Eelco Dolstra
0edfda814e
Fix random ugliness
2015-07-31 01:36:41 +02:00
William A. Kennington III
ffd0539eba
cacert: store ca-bundle.crt in $out/etc/ssl/certs instead of $out
2015-06-05 13:00:52 -07:00
Eelco Dolstra
6c878e0d05
Fix cacert
2015-06-04 14:54:52 +02:00
William A. Kennington III
d6cbb061e3
cacert: Build directly from nss instead of our own tarball
2015-05-29 13:52:07 -07:00
Eelco Dolstra
6b67028383
cacert: Update to 20140715
...
This is generated with a more recent version of mk-ca-bundle.pl. The
previous version mistakenly dropped some certificates, like "Verisign
Class 3 Public Primary Certification Authority".
2014-08-05 10:43:25 +02:00
Eelco Dolstra
b9c457ba12
cacert: Update to 20140704
2014-07-30 10:14:40 +02:00
Eelco Dolstra
3f799e7233
cacert: Update to 20131205
2013-12-20 18:29:06 +01:00
Eelco Dolstra
acba9240cd
nixos.org/tarballs -> tarballs.nixos.org
...
It's currently the same machine, but tarballs.nixos.org should become
an S3/CloudFront site eventually.
2013-06-25 14:12:16 +02:00
Eelco Dolstra
d5c8f4cb60
cacert: Update to 20121229
2013-05-15 13:15:53 +02:00
Eelco Dolstra
ebc1c7d6c7
cacert: Update to 20120628
2012-07-05 17:31:23 -04:00
Eelco Dolstra
c556a6ea46
* "ensureDir" -> "mkdir -p". "ensureDir" is a rather pointless
...
function, so obsolete it.
svn path=/nixpkgs/branches/stdenv-updates/; revision=31644
2012-01-18 20:16:00 +00:00
Eelco Dolstra
f887ecef57
* Latest CA certificate bundle, now without DigiNotar certificate.
...
svn path=/nixpkgs/trunk/; revision=29269
2011-09-14 11:59:18 +00:00
Eelco Dolstra
353ec7a128
* CAcert bundle updated to the latest version (it was almost two years old).
...
svn path=/nixpkgs/trunk/; revision=28856
2011-08-28 16:02:18 +00:00
Eelco Dolstra
f724089f6f
* Added a bundle of CA certificates, useful for e.g. curl.
...
svn path=/nixpkgs/trunk/; revision=19571
2010-01-20 14:10:26 +00:00