diff options
| author | rnhmjoj <rnhmjoj@inventati.org> | 2021-11-17 00:56:36 +0100 |
|---|---|---|
| committer | rnhmjoj <rnhmjoj@inventati.org> | 2021-11-18 22:38:21 +0100 |
| commit | cf3013b4c0df4e01ea761d2fa2c6b69a38f9a5a4 (patch) | |
| tree | 239fa53c1a633301ddec4f894a927fab8a49e1ee /pkgs/development/libraries/p11-kit | |
| parent | 93d09085ea8d9d348520b8a386c2f9b860a73dea (diff) | |
| download | nixpkgs-cf3013b4c0df4e01ea761d2fa2c6b69a38f9a5a4.tar nixpkgs-cf3013b4c0df4e01ea761d2fa2c6b69a38f9a5a4.tar.gz nixpkgs-cf3013b4c0df4e01ea761d2fa2c6b69a38f9a5a4.tar.bz2 nixpkgs-cf3013b4c0df4e01ea761d2fa2c6b69a38f9a5a4.tar.lz nixpkgs-cf3013b4c0df4e01ea761d2fa2c6b69a38f9a5a4.tar.xz nixpkgs-cf3013b4c0df4e01ea761d2fa2c6b69a38f9a5a4.tar.zst nixpkgs-cf3013b4c0df4e01ea761d2fa2c6b69a38f9a5a4.zip | |
p11-kit: add Fedora/RHEL trust store path
Fedora and RHEL use a different location for the trust store, compared to other distros. Without this, validation of the CA root certificates fails in all nss applications.
Diffstat (limited to 'pkgs/development/libraries/p11-kit')
| -rw-r--r-- | pkgs/development/libraries/p11-kit/default.nix | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/pkgs/development/libraries/p11-kit/default.nix b/pkgs/development/libraries/p11-kit/default.nix index 4ddc01ee6b2..34a3788d786 100644 --- a/pkgs/development/libraries/p11-kit/default.nix +++ b/pkgs/development/libraries/p11-kit/default.nix @@ -31,7 +31,11 @@ stdenv.mkDerivation rec { configureFlags = [ "--sysconfdir=/etc" "--localstatedir=/var" - "--with-trust-paths=/etc/ssl/trust-source:/etc/ssl/certs/ca-certificates.crt" + "--with-trust-paths=${lib.concatStringsSep ":" [ + "/etc/ssl/trust-source" # p11-kit trust source + "/etc/ssl/certs/ca-certificates.crt" # NixOS + Debian/Ubuntu/Arch/Gentoo... + "/etc/pki/tls/certs/ca-bundle.crt" # Fedora/CentOS + ]}" ]; enableParallelBuilding = true; |