- AC_MSG_CHECKING([for bundled SSL CA info])
- CURL_CAINFO=
- for i in `$CURL_CONFIG --ca` "/etc/ssl/certs/ca-certificates.crt" "/etc/ssl/certs/ca-bundle.crt"; do
- if test -f "$i"; then
- CURL_CAINFO="$i"
- break
+ AC_MSG_CHECKING([for default SSL CA info/path])
+ CURL_CA_PATH=
+ CURL_CA_INFO=
+ CURL_CONFIG_CA=$($CURL_CONFIG --ca)
+ if test -z "$CURL_CONFIG_CA"; then
+ CURL_CONFIG_CA=$($CURL_CONFIG --configure | $EGREP -o -- "--with-ca@<:@^'@:>@*" | $SED 's/.*=//')
+ fi
+ for i in \
+ "$CURL_CONFIG_CA" \
+ /etc/ssl/certs \
+ /etc/ssl/certs/ca-bundle.crt \
+ /etc/ssl/certs/ca-certificates.crt \
+ /etc/pki/tls/certs/ca-bundle.crt \
+ /etc/pki/tls/certs/ca-bundle.trust.crt \
+ /etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem \
+ /System/Library/OpenSSL
+ do
+ if test -z "$CURL_CA_PATH" && test -d "$i"; then
+ # check if it's actually a hashed directory
+ if ls "$i"/@<:@0-9a-f@:>@@<:@0-9a-f@:>@@<:@0-9a-f@:>@@<:@0-9a-f@:>@@<:@0-9a-f@:>@@<:@0-9a-f@:>@@<:@0-9a-f@:>@@<:@0-9a-f@:>@.0 >/dev/null 2>&1; then
+ CURL_CA_PATH="$i"
+ fi
+ elif test -z "$CURL_CA_INFO" && test -f "$i"; then
+ CURL_CA_INFO="$i"