> On 12 Apr 2023, at 23:40, Tom Lane <tgl@sss.pgh.pa.us> wrote:
>
> Peter Eisentraut <peter.eisentraut@enterprisedb.com> writes:
>> On 12.04.23 22:52, Jacob Champion wrote:
>>> Does the test start passing if you create an empty certs directory? It
>>> still wouldn't explain why Daniel's setup is succeeding...
>
>> After
>> mkdir /usr/local/etc/openssl@3/certs
>> the tests pass!
>
> Likewise, though MacPorts unsurprisingly uses a different place:
>
> $ openssl info -configdir
> /opt/local/libexec/openssl3/etc/openssl
> $ sudo mkdir /opt/local/libexec/openssl3/etc/openssl/certs
> $ make check PG_TEST_EXTRA=ssl
> ... success!
>
> So this smells to me like a new OpenSSL bug: they should tolerate
> a missing certs dir like they used to. Who wants to file it?
They are specifying that: "A missing default location is still treated as a
success". That leaves out the interesting bit of what a success means here,
and how it should work when verifications are requested. That being said, the
same is written in the 1.1.1 manpage.
--
Daniel Gustafsson
