certtools
[8] Certificate store
- requests uses it's own store, which is basically a copy of mozilla's. The package by ubuntu-maintaines uses the system store.
- sleekxmpp requires to get the path to a certificate store file. doc and code
- imbox can use a SSLContext.
Idea: Set the path to the certificate store globally in the defaults.conf, optionally in the bots. The default should be currently /etc/ssl/certs/ca-certificates.crt (as debian/ubuntu is currently the primary platform), and for packages provide a proper default.
needed for AH connections
-> which is the xmpp-connection with sleekxmpp
I opt for the global store which can be configured in defaults (as suggested in https://github.com/certtools/intelmq/issues/532#issue-156972340), it should have a fallback to the systems store (if applicable), if no custom store was configured. Whilst implementing, remember the n6 collector which requires it's own CA.
Fine with me.
Mobile
On 06.10.2016, at 10:10, Dustin Demuth [email protected] wrote:
needed for AH connections
-> which is the xmpp-connection with sleekxmpp
I opt for the global store which can be configured in defaults, it should have a fallback to the systems store (if applicable), if no custom store was configured. Whilst implementing, remember the n6 collector which requires it's own CA.
— You are receiving this because you commented. Reply to this email directly, view it on GitHub, or mute the thread.