[Clamav-devel] Override the CA bundle file when using freshclam.
Gianluigi Tiesi
sherpya at netfarm.it
Sat Jun 6 08:29:34 EDT 2020
On 6/6/20 8:37 AM, Ladar Levison wrote:
> I was having trouble using the latest freshclam version on CentOS 6,
> because the system wide CA bundle file used by libcurl is unable to
> validate the ClamAV HTTPS certificates. So I fixed the problem with a
> small patch that allows the user to override the CA bundle file
> freshclam uses. You can set the path via the "CAFile" directive in the
> freshclam.conf file, or dictate the path using freshclam command line,
> as --ca=FILE" ... the patch is a little rough, I didn't test/document
> the conf file option, and I haven't written unit tests for it, but since
> it's a pretty important feature I'm submitting the patch to the list ... L~
>
>
just add to system store:
https://cacerts.digicert.com/BaltimoreCyberTrustRoot.crt
instruction also for centos 6:
https://manuals.gfi.com/en/kerio/connect/content/server-configuration/ssl-certificates/adding-trusted-root-certificates-to-the-server-1605.html
Regards
--
Gianluigi Tiesi <sherpya at netfarm.it>
Chief Technology Officer
Netfarm S.r.l. - http://www.netfarm.it/
Free Software: http://oss.netfarm.it/
Q: Because it reverses the logical flow of conversation.
A: Why is putting a reply at the top of the message frowned upon?
More information about the clamav-devel
mailing list