Fixed handling of TLS config so that cURL works in all cases. (#10491)
We should not be hard-coding the CA file or messing with cURL options to handle this, but should instead be relying on the config detected at setup time for the install to just get it right (as it will in 99% of cases).
This commit is contained in:
parent
f7b3283956
commit
9fe43430f2
|
@ -129,25 +129,6 @@ else
|
|||
run_failed "I could not add group netdata, so no user netdata will be created as well. Netdata run as root:root"
|
||||
fi
|
||||
|
||||
# -----------------------------------------------------------------------------
|
||||
progress "Check SSL certificates paths"
|
||||
|
||||
if [ ! -f "/etc/ssl/certs/ca-certificates.crt" ]; then
|
||||
if [ ! -f /opt/netdata/.curlrc ]; then
|
||||
cacert=
|
||||
|
||||
# CentOS
|
||||
[ -f "/etc/ssl/certs/ca-bundle.crt" ] && cacert="/etc/ssl/certs/ca-bundle.crt"
|
||||
|
||||
if [ -n "${cacert}" ]; then
|
||||
echo "Creating /opt/netdata/.curlrc with cacert=${cacert}"
|
||||
echo > /opt/netdata/.curlrc "cacert=${cacert}"
|
||||
else
|
||||
run_failed "Failed to find /etc/ssl/certs/ca-certificates.crt"
|
||||
fi
|
||||
fi
|
||||
fi
|
||||
|
||||
# -----------------------------------------------------------------------------
|
||||
progress "Install logrotate configuration for netdata"
|
||||
|
||||
|
|
|
@ -22,8 +22,7 @@ run ./configure \
|
|||
--enable-proxy \
|
||||
--enable-ipv6 \
|
||||
--enable-cookies \
|
||||
--with-ca-fallback \
|
||||
--with-ca-bundle=/opt/netdata/etc/ssl/certs/ca-bundle.crt
|
||||
--with-ca-fallback
|
||||
|
||||
# Curl autoconf does not honour the curl_LDFLAGS environment variable
|
||||
run sed -i -e "s/curl_LDFLAGS =/curl_LDFLAGS = -all-static/" src/Makefile
|
||||
|
|
Loading…
Reference in New Issue