Skip to content

Commit 3697a25

Browse files
ehelmsehelms
committed
Ignore system CA trust when verifying certificates
1 parent 776275a commit 3697a25

File tree

1 file changed

+1
-1
lines changed

1 file changed

+1
-1
lines changed

bin/katello-certs-check

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -157,7 +157,7 @@ function check-priv-key () {
157157
function check-ca-bundle () {
158158
printf "Checking CA bundle against the certificate file: "
159159
ERROR_PATTERN="error [0-9]+ at"
160-
CHECK=$(openssl verify -CAfile $CA_BUNDLE_FILE -purpose sslserver -verbose $CERT_FILE 2>&1)
160+
CHECK=$(openssl verify -no-CApath -CAfile $CA_BUNDLE_FILE -purpose sslserver -verbose $CERT_FILE 2>&1)
161161
CHECK_STATUS=$?
162162

163163
if [[ $CHECK_STATUS != "0" || $CHECK =~ $ERROR_PATTERN ]]; then

0 commit comments

Comments
 (0)