From 35fd4bb74420e7b49d7c8efb213a3d8869d58abb Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Caol=C3=A1n=20McNamara?= Date: Tue, 14 Nov 2023 13:13:43 +0000 Subject: [PATCH] copy CA certificates to jail MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit for curl >= 8.3.0 which removed the nss backend, requiring the certs with the OpenSSL backend. DeepL access doesn't work otherwise. Use the same list and order as used in core: see: similar to https://gerrit.libreoffice.org/c/core/+/158915 and: https://www.happyassassin.net/posts/2015/01/12/a-note-about-ssltls-trusted-certificate-stores-and-platforms/ Signed-off-by: Caolán McNamara Change-Id: Ic9de1e926977f63592146ac17df42704c8d86ccd --- coolwsd-systemplate-setup | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/coolwsd-systemplate-setup b/coolwsd-systemplate-setup index f7a68f8a0..8fc6323bb 100755 --- a/coolwsd-systemplate-setup +++ b/coolwsd-systemplate-setup @@ -65,6 +65,14 @@ find etc/fonts \ usr/lib/*/libsqlite* \ -type l 2>/dev/null +# Find the first of these that exist to fulfill ssltls +# via openssl requirements +find etc/pki/tls/certs/ca-bundle.crt \ + etc/pki/tls/certs/ca-bundle.trust.crt \ + etc/ssl/certs/ca-certificates.crt \ + var/lib/ca-certificates/ca-bundle.pem \ + -type l,f -print -quit 2>/dev/null + # Go through the LO shared objects and check what system libraries # they link to. find $INSTDIR -name 'xpdfimport' |