Openssl fails to create database due to wrong default cert file, need to use SSL_CTX_set_default_verify_paths()
When running unittest I got the following error:
(tls/tests/connection-openssl:23843): GLib-Net-WARNING **: 14:45:48.375: Couldn't load TLS file database: Failed to open file ?/usr/lib/ssl/cert.pem?: No such file or directory
It turns out that X509_get_default_cert_file(), which gtlsbackend-openssl.c relies on, returns a path that is not available on my system (Debian 9.4, libssl-dev 1.1.0j-1~deb9u1). I resolved this issue on my system by linking /usr/lib/ssl/cert.pem (which is what the function returns) to /usr/lib/ssl/certs/ca-certificates.crt (which is a cert that exists), but you should be aware that this problem exists. Maybe there is some more reliable way to find out the default CA cert in the system.