The code in libpurple/certificate.c - x509_ca_lazy_init only accepts files of the form "*.pem" or "*.crt" while the files contained in /etc/ssl/certs (path provided via "--with-system-ssl-certs") currently all end in ".0", which means no root certificate gets loaded users are left to accept certificates manually.
Ugh. Sorry about that. The symlinks in /etc/ _point to_ .pem files. Does this patch work for you: diff --git a/net-im/libpurple/Makefile b/net-im/libpurple/Makefile index fb455e64ef..b334f9daa9 100644 --- a/net-im/libpurple/Makefile +++ b/net-im/libpurple/Makefile @@ -21,7 +21,7 @@ CONFIGURE_ARGS?=--disable-gtkui \ --with-dynamic-prpls=${PRPL_MODULES:S/,$//} \ --enable-static \ --disable-nm \ - --with-system-ssl-certs=/etc/ssl/certs + --with-system-ssl-certs=/usr/share/certs/trusted INSTALL_TARGET= install-strip .if !defined(PIDGIN_SLAVE)
Hey. No worries! That patch seems to do the trick. Thank you!
Thanks for verifying. Fixed in 2.14.8_3.
A commit in branch main references this bug: URL: https://cgit.FreeBSD.org/ports/commit/?id=aa21c3d9963e119bbb5b19729a75d7c4a2861716 commit aa21c3d9963e119bbb5b19729a75d7c4a2861716 Author: Joe Marcus Clarke <marcus@FreeBSD.org> AuthorDate: 2022-04-05 16:05:22 +0000 Commit: Joe Marcus Clarke <marcus@FreeBSD.org> CommitDate: 2022-04-05 16:06:47 +0000 net-im/libpurple: Point to the cert directory with .pem files The code looks for a .pem extension, but all of the extracted certs in /etc/ssl/certs use .0. PR: 262858 net-im/libpurple/Makefile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-)