From 30b8bfedbfccb0812ff1d41152fa3eb70225a734 Mon Sep 17 00:00:00 2001 From: Franco Fichtner Date: Tue, 22 Oct 2024 13:14:48 +0200 Subject: [PATCH] firmware: for CRL verify to work need to explicitly set trust store --- src/opnsense/scripts/firmware/config.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/src/opnsense/scripts/firmware/config.sh b/src/opnsense/scripts/firmware/config.sh index 567326ae3..9ee6a92f0 100755 --- a/src/opnsense/scripts/firmware/config.sh +++ b/src/opnsense/scripts/firmware/config.sh @@ -69,6 +69,7 @@ env_init() fi # ...and then tell libfetch to verify from trust store + export SSL_CA_CERT_PATH="/etc/ssl/certs" export SSL_CRL_VERIFY="yes" fi }