KSSL should use (when possible) root certificates installed with the operating system instead of the ones bundled with it (which are bound to get outdated from time to time).
Aims
This is intended to make KSSL integrate better with the target system by using its root certificates. This should solve Bugzilla bug 2785 and prevent similar bugs from occuring in the future.
Solutions
One solution would be to write a script and update hook to update certificates each time KSSL is updated. This would probably have the disadvantage of having to write hooks for different package managers.
Another solution (which I'm currently researching) is KSSL itself looking for certificates, determining if a new certificate has been added and, if needed, adding it to the calist. Some infrastructure seems to be in place which could be used to this end.
# Description
KSSL should use (when possible) root certificates installed with the operating system instead of the ones bundled with it (which are bound to get outdated from time to time).
# Aims
This is intended to make KSSL integrate better with the target system by using its root certificates. This should solve [Bugzilla bug 2785](https://bugs.trinitydesktop.org/show_bug.cgi?id=2785) and prevent similar bugs from occuring in the future.
# Solutions
One solution would be to write a script and update hook to update certificates each time KSSL is updated. This would probably have the disadvantage of having to write hooks for different package managers.
Another solution (which I'm currently researching) is KSSL itself looking for certificates, determining if a new certificate has been added and, if needed, adding it to the `calist`. Some infrastructure [seems to be in place](https://mirror.git.trinitydesktop.org/gitea/TDE/tdelibs/src/branch/r14.0.x/tdeio/misc/kssld/kssld.cpp) which could be used to this end.
blu.256
added this to the R14.1.0 release milestone 2 years ago
SlavekB
modified the milestone from R14.1.0 release to R14.1.x1 year ago
Description
KSSL should use (when possible) root certificates installed with the operating system instead of the ones bundled with it (which are bound to get outdated from time to time).
Aims
This is intended to make KSSL integrate better with the target system by using its root certificates. This should solve Bugzilla bug 2785 and prevent similar bugs from occuring in the future.
Solutions
One solution would be to write a script and update hook to update certificates each time KSSL is updated. This would probably have the disadvantage of having to write hooks for different package managers.
Another solution (which I'm currently researching) is KSSL itself looking for certificates, determining if a new certificate has been added and, if needed, adding it to the
calist
. Some infrastructure seems to be in place which could be used to this end.