summary refs log tree commit diff
path: root/pkgs/data/misc/cacert/default.nix
diff options
context:
space:
mode:
Diffstat (limited to 'pkgs/data/misc/cacert/default.nix')
-rw-r--r--pkgs/data/misc/cacert/default.nix10
1 files changed, 8 insertions, 2 deletions
diff --git a/pkgs/data/misc/cacert/default.nix b/pkgs/data/misc/cacert/default.nix
index 91af84c42245..638a342e8eba 100644
--- a/pkgs/data/misc/cacert/default.nix
+++ b/pkgs/data/misc/cacert/default.nix
@@ -9,8 +9,8 @@ let
 
   certdata2pem = fetchurl {
     name = "certdata2pem.py";
-    url = "https://anonscm.debian.org/cgit/collab-maint/ca-certificates.git/plain/mozilla/certdata2pem.py?h=debian/20160104";
-    sha256 = "0bw11mgfrf19qziyvdnq22kirp0nn54lfsanrg5h6djs6ig1c2im";
+    url = "https://anonscm.debian.org/cgit/collab-maint/ca-certificates.git/plain/mozilla/certdata2pem.py?h=debian/20170717";
+    sha256 = "1d4q27j1gss0186a5m8bs5dk786w07ccyq0qi6xmd2zr1a8q16wy";
   };
 
 in
@@ -20,6 +20,8 @@ stdenv.mkDerivation rec {
 
   src = nss.src;
 
+  outputs = [ "out" "unbundled" ];
+
   nativeBuildInputs = [ python ];
 
   configurePhase = ''
@@ -50,6 +52,10 @@ stdenv.mkDerivation rec {
   installPhase = ''
     mkdir -pv $out/etc/ssl/certs
     cp -v ca-bundle.crt $out/etc/ssl/certs
+    # install individual certs in unbundled output
+    mkdir -pv $unbundled/etc/ssl/certs
+    cp -v *.crt $unbundled/etc/ssl/certs
+    rm -f $unbundled/etc/ssl/certs/ca-bundle.crt  # not wanted in unbundled
   '';
 
   setupHook = ./setup-hook.sh;
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-07-19 17:58:51 +0000