#1402 PR merged: Add SSL cert directories

Labels: enhancement, fixed / solved / done, minor bug

rnavarro opened issue at 2017-07-03 15:49:

Add SSL cert directories so we can interact with Google Cloud Storage

I was using Duply/Duplicity with Google Cloud Storage and the SSL connections to Google where failing because the SSL certificates didn't get copied over into the image.

This fixes that and allows for restores to come straight from Google Cloud Storage.

schlomo commented at 2017-07-03 16:01:

Good find. Is there any reason why we shouldn't update https://github.com/rear/rear/blob/master/usr/share/rear/conf/GNU/Linux.conf#L253 to include those paths? I guess that different distros store their certs in different paths and we just did not yet catch them all.

rnavarro commented at 2017-07-03 16:02:

No reason to not add them there. I just didn't know about that location :)

This is my first PR for this project so still learning.

I'll update the PR accordingly.

schlomo commented at 2017-07-03 16:23:

👍 @gdha?

jsmeix commented at 2017-07-04 08:05:

@rnavarro
only FYI in general regarding having secret and/or private stuff
by default and/or automatically in the ReaR recovery system see
https://github.com/rear/rear/pull/1267#issuecomment-291836695
and subsequent comments there that lead to
https://github.com/rear/rear/pull/1279

As far as I see here the private keys in /usr/lib/ssl/private
are excluded so that this pull request looks o.k. to me
but my knowledge in this area is basically zero
so that I cannot make a meaningful decision here.

gdha commented at 2017-07-04 08:06:

@rnavarro @schlomo Looks good enough for me - nice that rear/duplicity works with Google Cloud Storage as well. Why not write a short article for our web pages? See for example https://github.com/rear/rear.github.com/blob/master/documentation/usecases.md


[Export of Github issue for rear/rear.]