发表新帖
发表新帖

ca-certificates Mac OS X

前端 未结
关注
7 1119
心在旅途
心在旅途 2020-12-07 21:03

I need to install offlineimap and mu4e on emacs. Problem is configuration. When I run offlineimap I get :

OfflineIMAP 6.5.5
Licensed under the GNU GPL v2+ (v
相关标签:
7条回答
  • 悲&欢浪女
    2020-12-07 21:28

    I had success on a Mac running 10.6 where I prefer the Homebrew ecosystem by using @patrick-sanan's answer and then symlinking in the Macports ecosystem version of cert.pem:

    sudo rm /usr/local/etc/openssl
sudo ln -s /opt/local/etc/openssl/cert.pem /usr/local/etc/openssl
    0 讨论(0)
  • 既然无缘
    2020-12-07 21:29

    For macOS 10.15.6 (which is currently the latest stable OS version until macOS 11 future release) I found that brew info openssl is the easiest and convenient way of how to find out where all CA certificates are located and how to add your custom CA .pem certificate.

    Spoiler from the command's output

    To add additional certificates, place .pem files in /usr/local/etc/openssl@1.1/certs

    and run /usr/local/opt/openssl@1.1/bin/c_rehash

    0 讨论(0)
  • 攒了一身酷
    2020-12-07 21:30

    I ran the above command given by @wood-guardian and then ran to fix the issue.

    ruby -ropenssl -e "p OpenSSL::X509::DEFAULT_CERT_FILE"

    export the result of above statement to SSL_CERT_FILE env variable

    export SSL_CERT_FILE=/usr/local/etc/openssl/cert.pem

    0 讨论(0)
  • 被撕碎了的回忆
    2020-12-07 21:32

    This could happen if you have multiple installations of openssl (say v1.0.2 and 1.1.1). If they were both installed by brew at some point in time, you'll have to uninstall both of them to remove the conflict

    brew uninstall --ignore-dependencies --force openssl@1.1
brew uninstall --ignore-dependencies --force openssl

    And the reinstall one of them, like

    brew install openssl@1.1

    Hope this works!

    0 讨论(0)
  • 旧巷少年郎
    2020-12-07 21:37

    A simple way to proceed is to use the curl certificate bundle. I use MacPorts, so this was obtained with

    sudo port install curl-ca-bundle

    You can then run port contents curl-ca-bundle to see what it installed, and then add the following to ~/.offlineimaprc in the section for your remote account

    sslcacertfile =/opt/local/share/curl/curl-ca-bundle.crt

    Note that this will also put a link to these certificates as /opt/local/etc/openssl/cert.pem.

    0 讨论(0)
  • 野趣味
    2020-12-07 21:43

    I had a similar problem (on MacOS 10.10.2, openssl 1.0.2 and offlineimap 6.5.5 both from homebrew) and couldn't get the dummy certificate solution to work. However, I found a certfile that makes offlineimap stop complaining in /usr/local/etc/openssl/cert.pem (which is put there during the installation of openssl through homebrew, brew info openssl tells me). Caveat: I don't know whether this is a good or safe way to do this.

    0 讨论(0)
 看不清?
提交回复
热议问题