diff options
Diffstat (limited to 'pkgs/data/misc/cacert/default.nix')
-rw-r--r-- | pkgs/data/misc/cacert/default.nix | 10 |
1 files changed, 8 insertions, 2 deletions
diff --git a/pkgs/data/misc/cacert/default.nix b/pkgs/data/misc/cacert/default.nix index 91af84c42245..638a342e8eba 100644 --- a/pkgs/data/misc/cacert/default.nix +++ b/pkgs/data/misc/cacert/default.nix @@ -9,8 +9,8 @@ let certdata2pem = fetchurl { name = "certdata2pem.py"; - url = "https://anonscm.debian.org/cgit/collab-maint/ca-certificates.git/plain/mozilla/certdata2pem.py?h=debian/20160104"; - sha256 = "0bw11mgfrf19qziyvdnq22kirp0nn54lfsanrg5h6djs6ig1c2im"; + url = "https://anonscm.debian.org/cgit/collab-maint/ca-certificates.git/plain/mozilla/certdata2pem.py?h=debian/20170717"; + sha256 = "1d4q27j1gss0186a5m8bs5dk786w07ccyq0qi6xmd2zr1a8q16wy"; }; in @@ -20,6 +20,8 @@ stdenv.mkDerivation rec { src = nss.src; + outputs = [ "out" "unbundled" ]; + nativeBuildInputs = [ python ]; configurePhase = '' @@ -50,6 +52,10 @@ stdenv.mkDerivation rec { installPhase = '' mkdir -pv $out/etc/ssl/certs cp -v ca-bundle.crt $out/etc/ssl/certs + # install individual certs in unbundled output + mkdir -pv $unbundled/etc/ssl/certs + cp -v *.crt $unbundled/etc/ssl/certs + rm -f $unbundled/etc/ssl/certs/ca-bundle.crt # not wanted in unbundled ''; setupHook = ./setup-hook.sh; |