Forum OpenACS Development: Re: Proposed corrections to OpenACS default nsopenssl configuration

Hi Richard,

Hardcoding the pem files to that location won't work for OSes that place aolserver somewhere else in the file hierarchy (such as freebsd).

The server should be able to read the pem files of any os when they are located within $serverroot, which is why the config.tcl currently references them at ${serverroot}/etc/certs by default.

The files need to be accessible by the running aolserver, and so should be given the usual file permissions for that.

If for some reason, it's decided to make these changes to config.tcl, a moduleroot variable should be defined early in config.tcl for this use, since aolserver modules are placed in various locations in various OSes and distributions.

cheers,

Torben