diff options
Diffstat (limited to 'nixos/modules/security/ca.nix')
-rw-r--r-- | nixos/modules/security/ca.nix | 25 |
1 files changed, 11 insertions, 14 deletions
diff --git a/nixos/modules/security/ca.nix b/nixos/modules/security/ca.nix index 98d73ed25426..849530238e7e 100644 --- a/nixos/modules/security/ca.nix +++ b/nixos/modules/security/ca.nix @@ -35,14 +35,17 @@ in security.pki.certificates = mkOption { type = types.listOf types.str; default = []; - example = singleton '' - NixOS.org - ========= - -----BEGIN CERTIFICATE----- - MIIGUDCCBTigAwIBAgIDD8KWMA0GCSqGSIb3DQEBBQUAMIGMMQswCQYDVQQGEwJJ - TDEWMBQGA1UEChMNU3RhcnRDb20gTHRkLjErMCkGA1UECxMiU2VjdXJlIERpZ2l0 - ... - -----END CERTIFICATE----- + example = literalExample '' + [ ''' + NixOS.org + ========= + -----BEGIN CERTIFICATE----- + MIIGUDCCBTigAwIBAgIDD8KWMA0GCSqGSIb3DQEBBQUAMIGMMQswCQYDVQQGEwJJ + TDEWMBQGA1UEChMNU3RhcnRDb20gTHRkLjErMCkGA1UECxMiU2VjdXJlIERpZ2l0 + ... + -----END CERTIFICATE----- + ''' + ] ''; description = '' A list of trusted root certificates in PEM format. @@ -64,12 +67,6 @@ in # CentOS/Fedora compatibility. environment.etc."pki/tls/certs/ca-bundle.crt".source = caCertificates; - environment.sessionVariables = - { SSL_CERT_FILE = "/etc/ssl/certs/ca-certificates.crt"; - # FIXME: unneeded - remove eventually. - GIT_SSL_CAINFO = "/etc/ssl/certs/ca-certificates.crt"; - }; - }; } |