nixpkgs/nixos/modules/security/ca.nix
Eelco Dolstra 36f99a9a82 Set $SSL_CERT_FILE
It's more standard than $OPENSSL_X509_CERT_FILE (which I guess was a
totally unnecessary patch to OpenSSL). Since curl respects
$SSL_CERT_FILE, it's no longer needed to set $CURL_CA_BUNDLE. Git
unfortunately doesn't.
2014-07-28 19:09:32 +02:00

24 lines
495 B
Nix

{ config, lib, pkgs, ... }:
with lib;
{
config = {
environment.etc =
[ { source = "${pkgs.cacert}/etc/ca-bundle.crt";
target = "ssl/certs/ca-bundle.crt";
}
];
environment.sessionVariables =
{ SSL_CERT_FILE = "/etc/ssl/certs/ca-bundle.crt";
# FIXME: unneeded - remove eventually.
OPENSSL_X509_CERT_FILE = "/etc/ssl/certs/ca-bundle.crt";
GIT_SSL_CAINFO = "/etc/ssl/certs/ca-bundle.crt";
};
};
}