On Thu, Jun 16, 2022 at 2:11 PM Felipe Gasper <felipe@felipegasper.com> wrote: > > > On Jun 16, 2022, at 14:42, Craig A. Berry <craig.a.berry@gmail.com> wrote: > > So let's please not go with a Linux-only solution and just use > > Mozilla::CA as already planned. > > How would using OpenSSLâs root certs be less âLinux-onlyâ than using Net::SSLeay? Both OpenSSL and Net::SSLeay are very portable. The Linuxy assumption is that an OpenSSL package includes (or symlinks to) authoritative certificates provided by the OS distributor. That is unlikely to be the case on non-Linux. I don't know, but the BSDs very likely do something similar with LibreSSL, though as far as I can find, the authoritative certs included with BSD distros are just the same Mozilla certs you'd get with Mozilla::CA. If the Mozilla certificates are good enough for the BSDs and for curl, why wouldn't they be good enough for us, especially since there is already a Perl-friendly way to maintain them?Thread Previous | Thread Next