#921 new defect

config: support multiple CAfile arguments

Reported by: ilf@… Owned by:
Priority: normal Milestone:
Component: BitlBee Version: 3.0.5
Keywords: Cc:
IRC client+version: Client-independent Operating System: Public server
OS version/distro:


Hooray for vertificate verification in 3.0.5!

Unfortunately, I also use certificates from I tried adding two CAfile arguments in bitlbee.conf. One normal OS stack, and one for CAcert. Unfortunately, it fails and only uses the last one :(

I'd like to not merge the one into the OS one, since will be thrown out on every update.

What about allowing multiple CAfile arguments?

Attachments (0)

Change History (4)

comment:1 Changed at 2012-02-20T19:33:44Z by Jelmer Vernooij

You should be able to create just one combined file with the certificates from both. This is why most applications only allow a single file to be specified (and why most OS vendors have a way of creating a single file).

comment:2 Changed at 2012-02-20T21:23:46Z by ilf

Yeah, that's what I did for now.

But I also said why I don't want to do that: Every update of the OS CA stack overrides this.

comment:3 Changed at 2012-02-20T21:45:09Z by Wilmer van der Gaast <wilmer@…>

That's bizarre. Which OS is this? I never have that problem on Debian. IIRC I just put the cert in /usr/local/share/share/ca-certificates

comment:4 Changed at 2012-02-21T11:10:32Z by wilmer

ilf's comment:

FreeBSD. The ca_root_nss port doesn't provide a .crt for each cert, but one /usr/local/share/certs/ca-root-nss.crt with all combined. Apparently that's how Red Hat does it, too:

Shitty akismet keeps marking it as spam so I'm copy-pasting it from the spam monitoring interface.

Modify Ticket

as new The ticket will remain with no owner.

Add Comment

E-mail address and name can be saved in the Preferences.

Note: See TracTickets for help on using tickets.