On Thu, Oct 14, 2004 at 08:32:47PM +0200, Daniel Stenberg wrote:
> ... and that seems wrong, since the ca certs might be useful to any app
> that uses libcurl.

Here's another "solution": it seems that OpenSSL supplies a set of
certificates of its own, and everybody (well, at least Linux distributions)
seems to put them in the fixed location /usr/share/ssl/certs/ca-bundle.crt.
Since those are almost guaranteed to be available when an SSL-enabled
libcurl is installed (since OpenSSL has to be installed), libcurl's
default hard-coded certificate bundle path could be changed to that
location and curl's certificate bundle simply left out (or supplied as
a extra "documentation" file so it doesn't conflict with other versions
of the package). If you wanted to get fancy, you could have configure
search for an appropriate ca-bundle file at compile time.

This solution effectively pushes the file conflict problem down to OpenSSL,
where it can be solved by any of the other solutions I suggested earlier--
or not, but at least it's not curl's problem then!

>>> Dan

-- 
http://www.MoveAnnouncer.com              The web change of address service
          Let webmasters know that your web site has moved