diff options
author | jgeboski <jgeboski@gmail.com> | 2015-07-15 23:18:29 +0300 |
---|---|---|
committer | jgeboski <jgeboski@gmail.com> | 2015-07-15 23:18:29 +0300 |
commit | 24a7e630abe7574102b282b91f4c8a42afe049b3 (patch) | |
tree | 923e7d5a862c4c365ec4289fd1e0a4a07e827f3e /Makefile.am | |
parent | cfbfc9cc8cd3cef283a045fee09491f3e8a076fa (diff) |
configure: added option to install additional CA certs
When pidgin is built with --with-system-ssl-certs, libpurple relies on
the system to have all required CA certs installed. But when GnuTLS is
used, the cert verification process can error when the issuing CA cert
of a CA cert is missing.
In order to navigate this issue, --with-ssl-certs has been added to
allow for the installing of potentially missing CAs. An installation
of pidgin where --with-system-ssl-certs is used is recommended to pass
this flag to autotools at configuration time.
This issue is seen with the Baltimore_CyberTrust_Root CA, which is
distributed by ca-certificates. The Baltimore certificate is issued by
the GTE_CyberTrust_Global_Root CA, and GTE_CyberTrust_Global_Root is
missing from ca-certificates.
Diffstat (limited to 'Makefile.am')
-rw-r--r-- | Makefile.am | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/Makefile.am b/Makefile.am index 5f214d3..a519799 100644 --- a/Makefile.am +++ b/Makefile.am @@ -11,5 +11,11 @@ EXTRA_DIST = \ pidgin/AUTHORS \ pidgin/COPYING \ pidgin/COPYRIGHT \ + pidgin/share/ca-certs/GTE_CyberTrust_Global_Root.pem \ update.sh \ VERSION + +if WITH_SSL_CERTS +sslcertsdir = $(datadir)/purple/ca-certs +sslcerts_DATA = pidgin/share/ca-certs/GTE_CyberTrust_Global_Root.pem +endif |