Created
March 22, 2012 12:50
-
-
Save 1stvamp/2158128 to your computer and use it in GitHub Desktop.
Script to install cURL CA certificates on OS X without macports
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
mkdir /tmp/curl-ca-bundle | |
cd /tmp/curl-ca-bundle | |
wget http://curl.haxx.se/download/curl-7.22.0.tar.bz2 | |
tar xzf curl-7.22.0.tar.bz2 | |
cd curl-7.22.0/lib/ | |
./mk-ca-bundle.pl | |
if [ ! -d /usr/share/curl/ ]; then | |
sudo mkdir -p /usr/share/curl/ | |
else | |
sudo mv /usr/share/curl/ca-bundle.crt /usr/share/curl/ca-bundle.crt.original | |
fi | |
sudo mv ca-bundle.crt /usr/share/curl/ca-bundle.crt | |
echo | |
echo "Done!" |
@ElpsySec thank you!
Setting /set weechat.network.gnutls_ca_file "/usr/local/etc/openssl/cert.pem"
as in WeeChat FAQ works for me. Homebrew OpenSSL Caveats says:
==> Caveats
A CA file has been bootstrapped using certificates from the SystemRoots
keychain. To add additional certificates (e.g. the certificates added in
the System keychain), place .pem files in
/usr/local/etc/openssl/certs
and run
/usr/local/opt/openssl/bin/c_rehash
This formula is keg-only, which means it was not symlinked into /usr/local,
because Apple has deprecated use of OpenSSL in favor of its own TLS and crypto libraries.
If you need to have this software first in your PATH run:
echo 'export PATH="/usr/local/opt/openssl/bin:$PATH"' >> ~/.zshrc
For compilers to find this software you may need to set:
LDFLAGS: -L/usr/local/opt/openssl/lib
CPPFLAGS: -I/usr/local/opt/openssl/include
For pkg-config to find this software you may need to set:
PKG_CONFIG_PATH: /usr/local/opt/openssl/lib/pkgconfig
Confirming that solution provided by @oblitum works. Many thanks!
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
@ElpsySec Thanks much for this