From 06b46f646d570a8e1110aabdf85d5bb4b1135cce Mon Sep 17 00:00:00 2001 From: Dmitry Kalinkin Date: Wed, 22 Feb 2017 14:04:47 -0500 Subject: [PATCH] use --cacert instead of --capath This forces curl to use nix bundled crt instead of picking one up from system. Fixes: 142c77711 ('Propagate path of CA bundle to curl child processes') --- perl/lib/Nix/Config.pm.in | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/perl/lib/Nix/Config.pm.in b/perl/lib/Nix/Config.pm.in index 5f87756c..d95ec4f0 100644 --- a/perl/lib/Nix/Config.pm.in +++ b/perl/lib/Nix/Config.pm.in @@ -16,7 +16,7 @@ $caBundle = $ENV{"NIX_SSL_CERT_FILE"} // $ENV{"SSL_CERT_FILE"} // $ENV{"CURL_CA_ $caBundle = "/etc/ssl/certs/ca-bundle.crt" if !$caBundle && -f "/etc/ssl/certs/ca-bundle.crt"; $caBundle = "/etc/ssl/certs/ca-certificates.crt" if !$caBundle && -f "/etc/ssl/certs/ca-certificates.crt"; -$curlCaFlag = defined $caBundle ? "--capath $caBundle" : ""; +$curlCaFlag = defined $caBundle ? "--cacert $caBundle" : ""; $bzip2 = "@bzip2@"; $xz = "@xz@";