[gnutls-devel] gnutls 3.5.11

Andreas Metzler ametzler at bebt.de
Tue Apr 11 07:05:14 CEST 2017

On 2017-04-10 Andreas Radke <andreas.radke at mailbox.org> wrote:
> Am Sat, 8 Apr 2017 14:39:56 +0200 schrieb Andreas Metzler <ametzler at bebt.de>:
>> On 2017-04-08 Andreas Radke <andreas.radke at mailbox.org> wrote:
>>> With this new release the test suite fails here:  

>>> FAIL: trust-store
>>> =================  

>>> doit:64: no certificates were found in system trust store!
>>> FAIL trust-store (exit status: 1)  

>> This happens if gnutls is built with e.g. 
>> --with-default-trust-store-file=/etc/ssl/certs/ca-certificates.crt
>> and /etc/ssl/certs/ca-certificates.crt is empty/non-existing when
>> running the testsuite.

> lrwxrwxrwx 1 root root 49 Mar  7
> 22:05 /etc/ssl/certs/ca-certificates.crt
> -> ../../ca-certificates/extracted/tls-ca-bundle.pem # ACCVRAIZ1

> May this happen because we use a symlink? The file is not empty. We
> build using
> --with-default-trust-store-pkcs11="pkcs11:model=p11-kit-trust;manufacturer=PKCS%2311%20Kit"

You are using a different trust-store, that is why I wrote "e.g.". If
--with-default-trust-store-file=/some/file is used, then /some/file
needs to contain some certs for the test to succeed. In your case
"pkcs11:model=p11-kit-trust;manufacturer=PKCS%2311%20Kit" would have to
work. Is it possible that your missing some glue-package?

cu Andreas

`What a good friend you are to him, Dr. Maturin. His other friends are
so grateful to you.'
`I sew his ears on from time to time, sure'

More information about the Gnutls-devel mailing list