In message <20211004133033.GE24621(a)equanimity.local>
Daniel Silverstone <dsilvers(a)netsurf-browser.org> wrote:
On Mon, Oct 04, 2021 at 14:19:30 +0100, David Higton wrote:
> > On Sun, Oct 03, 2021 at 20:54:34 +0100, David Higton wrote:
> > > Is there a way to make the RISC OS version of NS use the central CA
> > > cert bundle, InetDbase:CertData, rather than its own?
> > We honour a ca_bundle configuration option which defaults to
> > NetSurf:Resources.ca-bundle but you can change to whatever path you
> > want.
> OK, then where is it, please? I cannot find any trace of such an option
> anywhere in the distribution version.
In your choices file you should create the option ca_bundle
Right, thanks. I added the line:
to NS's Choices file, and was able to browse https sites even when I had
renamed ca_bundle inside the NS app.
it may also be present in the choices window, I'm not sure.
Nowhere to be seen. Thinking forwards to where to put it, Connection
seems the best fit.
> > That is reasonable. Not everyone does that sadly. Of
> > operating systems manage a system-wide CA bundle for the user
> > automatically. If there were an emerging standard for that on RISC OS
> > then we could probably come up with a fallback mechanism to try that
> > before using the built-in bundle.
> The standard for RISC OS, for some time, has been to use
Okay, then perhaps we need to arrange for that to be tried first, falling
back to the built in (which needs to be updated) bundle.
The scheme sounds good.