how to make gnutls trust p11-kit's ca-anchors?

Ludwig Nussel ludwig.nussel at
Thu Jul 4 05:57:24 PDT 2013


I'm currently wiring up p11-kit in openSUSE. One thing I'm currently
struggling with is gnutls. The package is built in a way that makes
p11-kit appear out of the box, ie p11tool --list-all has all root
certificates. How can I make gnutls use them as trust anchors though?
Ie what is the correct URL to pass to e.g gnutls-cli --x509cafile?
Maybe it doesn't work right away because 'p11tool --list-all-trusted'
doesn't list the certs as trusted?


  (o_   Ludwig Nussel
SUSE LINUX Products GmbH, GF: Jeff Hawn, Jennifer Guild, Felix Imendörffer, HRB 16746 (AG Nürnberg)

More information about the p11-glue mailing list