[gnutls-devel] gnutls 3.5.11
Andreas Metzler
ametzler at bebt.de
Tue Apr 11 07:05:14 CEST 2017
On 2017-04-10 Andreas Radke <andreas.radke at mailbox.org> wrote:
> Am Sat, 8 Apr 2017 14:39:56 +0200 schrieb Andreas Metzler <ametzler at bebt.de>:
>> On 2017-04-08 Andreas Radke <andreas.radke at mailbox.org> wrote:
>>> With this new release the test suite fails here:
>>> FAIL: trust-store
>>> =================
>>> doit:64: no certificates were found in system trust store!
>>> FAIL trust-store (exit status: 1)
>> This happens if gnutls is built with e.g.
>> --with-default-trust-store-file=/etc/ssl/certs/ca-certificates.crt
>> and /etc/ssl/certs/ca-certificates.crt is empty/non-existing when
>> running the testsuite.
> lrwxrwxrwx 1 root root 49 Mar 7
> 22:05 /etc/ssl/certs/ca-certificates.crt
> -> ../../ca-certificates/extracted/tls-ca-bundle.pem # ACCVRAIZ1
> -----BEGIN CERTIFICATE-----
> MIIH0zCCBbugAwIBAgIIXsO3pkN/pOAwDQYJKoZIhvcNAQEFBQAwQjESMBAGA1UE
> AwwJQUNDVlJBSVoxMRAwDgYDVQQLDAdQS0lBQ0NWMQ0wCwYDVQQKDARBQ0NWMQsw
> CQYDVQQGEwJFUzAeFw0xMTA1MDUwOTM3MzdaFw0zMDEyMzEwOTM3MzdaMEIxEjAQ
> May this happen because we use a symlink? The file is not empty. We
> build using
> --with-default-trust-store-pkcs11="pkcs11:model=p11-kit-trust;manufacturer=PKCS%2311%20Kit"
You are using a different trust-store, that is why I wrote "e.g.". If
--with-default-trust-store-file=/some/file is used, then /some/file
needs to contain some certs for the test to succeed. In your case
"pkcs11:model=p11-kit-trust;manufacturer=PKCS%2311%20Kit" would have to
work. Is it possible that your missing some glue-package?
cu Andreas
--
`What a good friend you are to him, Dr. Maturin. His other friends are
so grateful to you.'
`I sew his ears on from time to time, sure'
More information about the Gnutls-devel
mailing list