[BUG]: ca-certificates’s files on AlamLinux 10 do not exist where openssl thinks they do #249
Description
Is there an existing issue for this?
- I have searched the existing issues
Current Behavior
On AlmaLinux 8,9, ca-certificates provides /etc/pki/tls/cert.pem as a symlink to /etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem but on AlmaLinux 10, it's missing.
If you call a php function that uses openssl_get_cert_locations() on any PHP version with AlmaLinux 10, it will dump this:
(
[default_cert_file] => /etc/pki/tls/cert.pem
[default_cert_file_env] => SSL_CERT_FILE
[default_cert_dir] => /etc/pki/tls/certs
[default_cert_dir_env] => SSL_CERT_DIR
[default_private_dir] => /etc/pki/tls/private
[default_default_cert_area] => /etc/pki/tls
[ini_cafile] =>
[ini_capath] =>
)
This seems to have been introduce with the version of ca-certificates that AlmaLinux 10 provides.
Expected Behavior
The symlink behavior should be restored to be more in line with the older versions of ca-certificates.
Steps To Reproduce
- Spin up AL10
- Execute
openssl version -dand it should display this:
OPENSSLDIR: "/etc/pki/tls" - Make sure PHP is installed (or curl-config) and run
php -r 'var_dump(openssl_get_cert_locations());'
4. The above should display /etc/pki/tls/cert.pem for the default cert file.
5. /etc/pki/tls/cert.pem is missing on AlmaLinux 10 (it's actually located in /etc/ssl/tls/cert.pm now)
Anything else?
No response
Search terms
ca-certificates