Re: Certificates in pure and containerized environments

From: Konrad Hinsen
Subject: Re: Certificates in pure and containerized environments
Date: Wed, 13 Oct 2021 13:51:40 +0200

Hi Maxim,

> I agree that managing certs with Guix has many benefits, and having
> GnuTLS honor an SSL_CERTS_DIRS environment variable would enable that.

Yes, but it would also make it hard to prevent non-Guix-managed
certificates from being used, be it through user (configuration)
error or malice.

> Remember that installing nss-certs or your certs of choice package to a
> profile is not enough to have them discovered; something such as an
> environment variable and a search path specification is also necessary.

That's exactly what I'd like to change (ideally, I don't know if that is
even possible). Configuration via Guix and nothing but
Guix. The only certificates being used are those defined in a Guix
profile or environment.


