It *seems* like replacing the ca-bundle.crt with a symlink to /etc/ssl/certs/ca-certififcates.crt is enough to make KDE recognize the global list of root CAs (at least after a re-login Konqueror doesn't complain about CAcert anymore). So maybe the options stored in the file ksslcalist is obsolete? Got to have a look at the source. Or can anybody with more insight comment?
Hm, this is really... convoluted. Seems like KDE uses (at least) two files: A PEM-file /usr/share/ kde4/apps/ kssl/ca- bundle. crtplus an ini-file /usr/share/ kde4/config/ ksslcalist. websvn. kde.org/ branches/ KDE/4.1/ kdelibs/ kio/kssl/ kssl/ www.roumenpetro v.info/ domino_ CA/#comment01
See also
http://
and
http://
It *seems* like replacing the ca-bundle.crt with a symlink to /etc/ssl/ certs/ca- certififcates. crt is enough to make KDE recognize the global list of root CAs (at least after a re-login Konqueror doesn't complain about CAcert anymore). So maybe the options stored in the file ksslcalist is obsolete? Got to have a look at the source. Or can anybody with more insight comment?