Submitted By: Ken Moffat Date: 2018-11-02 Initial Package Version: 6.07 Upstream Status: Unsuitable for CPAN Origin: Based on Arch, which is based on Debian, but adapted for BLFS. Description: Use system certificates instead of whatever happened to be at Mozilla when Mozilla::CA was last updated. See https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=619059 diff -Naur a/lib/LWP/Protocol/https.pm b/lib/LWP/Protocol/https.pm --- a/lib/LWP/Protocol/https.pm 2017-02-20 02:41:37.000000000 +0000 +++ b/lib/LWP/Protocol/https.pm 2018-11-02 19:12:49.006187556 +0000 @@ -25,25 +25,7 @@ } if ($ssl_opts{SSL_verify_mode}) { unless (exists $ssl_opts{SSL_ca_file} || exists $ssl_opts{SSL_ca_path}) { - eval { - require Mozilla::CA; - }; - if ($@) { - if ($@ =~ /^Can't locate Mozilla\/CA\.pm/) { - $@ = <<'EOT'; -Can't verify SSL peers without knowing which Certificate Authorities to trust - -This problem can be fixed by either setting the PERL_LWP_SSL_CA_FILE -environment variable or by installing the Mozilla::CA module. - -To disable verification of SSL peers set the PERL_LWP_SSL_VERIFY_HOSTNAME -environment variable to 0. If you do this you can't be sure that you -communicate with the expected peer. -EOT - } - die $@; - } - $ssl_opts{SSL_ca_file} = Mozilla::CA::SSL_ca_file(); + $ssl_opts{SSL_ca_file} = '/etc/pki/tls/certs/ca-bundle.crt'; } } $self->{ssl_opts} = \%ssl_opts; diff -Naur a/Makefile.PL b/Makefile.PL --- a/Makefile.PL 2016-06-30 11:43:17.000000000 +0100 +++ b/Makefile.PL 2018-11-02 19:13:25.634958845 +0000 @@ -26,7 +26,6 @@ 'LWP::UserAgent' => '6.06', 'Net::HTTPS' => 6, 'IO::Socket::SSL' => "1.54", - 'Mozilla::CA' => "20110101", 'perl' => '5.008001', }, },