After the recent change to ftp/curl where security/ca_root_nss was removed as a dependency in favor of using the base system's default trust store, I can't connect via TLS after removing security/ca_root_nss from my system.
Reinstalling security/ca_root_nss fixes the problem. I rarely use
This is on FreeBSD 13.2-RELEASE-p4 amd64, with packages built locally using ports-mgmt/poudriere and OpenSSL 1.1.1 from ports.
Can anyone else confirm this behavior?
Code:
$ curl -I https://google.com
curl: (60) SSL certificate problem: unable to get local issuer certificate
More details here: https://curl.se/docs/sslcerts.html
curl failed to verify the legitimacy of the server and therefore could not
establish a secure connection to it. To learn more about this situation and
how to fix it, please visit the web page mentioned above.
Reinstalling security/ca_root_nss fixes the problem. I rarely use
curl
by itself, but whenever I update my ports tree or system source using git
over https:// (which uses curl
for the secure connection), it gives the same error.This is on FreeBSD 13.2-RELEASE-p4 amd64, with packages built locally using ports-mgmt/poudriere and OpenSSL 1.1.1 from ports.
Can anyone else confirm this behavior?