Where's the ca cert bundle on OSX?

macos curl

I'm debugging some curl ssl configuration stuff and was wondering where the ca cert bundle is installed on OSX.


I'm pretty sure there isn't one.

Install curl via MacPorts to get one.

You can probably use Fink or Homebrew as alternatives to MacPorts if you prefer.

Mac OS X's own Security Framework, used by Cocoa apps and the like, uses the Mac OS X Keychain-format files in...

/System/Library/Keychains/
/Library/Keychains/
~/Library/Keychains/

...to find trusted CA certs. I doubt Mac OS X's built-in curl has been modified to use those Keychain files though, so I'm not sure why Apple doesn't ship a CA cert bundle for curl.


I have a good usable one at /usr/local/etc/openssl/cert.pem; I believe that got installed via Homebrew's openssl package. This isn't necessarily useful if you need to verify how other parts of the system work, but if you're doing some debugging that requires specifying a singular PEM file to use for verifying a certificate.

See also the answers to this Stack Overflow question for additional ways to get a PEM to use in this way.

Related

7-Zip command line: Extract silently/quietly [duplicate]
How to use UDP hole punching for a SSH tunnel / session
Why is Hardware Assisted Virtualization disabled by default?
How to open a new window from dock if it's already running in OSX
what is the difference between eth1 and eno1?
Chrome "clear cookies on exit" feature does not work
What is rootfs# and what can you do with it?
Windows 7 - User-specific %PATH%
Replacement for horrible, horrible Character Map [closed]
How does Windows 7 calculate the color to use for taskbar "color hot-tracking"?
When middle-clicking links, why does my browser sometimes open two tabs?
Why does Chromium connect to Google on startup?