ca-certificates is removed #19
Comments
|
That's right, the removal was done to clean up the installation. Python used to carry certain certificates by itself so there wasn't a need to keep the package installed. If that has changed the cleanup can be safely removed. |
|
Any way you can check whether Python no longer carries certain certificates itself? I would check for us but I wasn't aware that was a thing they ever did. On a fresh container install I can confirm that pushover.net does not SSL validate on SickGear... so I am pretty certain that we do need to keep that package, but I appreciate if you want to check. |
|
I think it's a good idea to include the distribution certificates as well if python uses those properly. Previously it was bit of a hit and miss, but if keeping the certificates helps in your case, then the situation has improved. Not to mention that there is no harm in keeping them just in case. |
SickGear.Docker/Dockerfile
Line 33 in 216d4e4
How come we're removing the ca-certificates apk here? I have been getting some SSL errors when using Pushover that are resolved by reinstalling ca-certificates (have to run apk update first). This issue is reproducible.
Edit:
just confirmed that doing apk del ca-certificates does indeed cause all the installed certs to get removed, so this of course then prevents ca-cert verification. Maybe it was being removed because you only wanted to use it for the build process? But because SickGear enforced certificate trust for some services, like Pushover, we do actually need these certs installed.
The text was updated successfully, but these errors were encountered: