Openssl fails to create database due to wrong default cert file, need to use SSL_CTX_set_default_verify_paths()
When running unittest I got the following error:
(tls/tests/connection-openssl:23843): GLib-Net-WARNING **: 14:45:48.375: Couldn't load TLS file database: Failed to open file ?/usr/lib/ssl/cert.pem?: No such file or directory
It turns out that X509_get_default_cert_file(), which gtlsbackend-openssl.c relies on, returns a path that is not available on my system (Debian 9.4, libssl-dev 1.1.0j-1~deb9u1). I resolved this issue on my system by linking /usr/lib/ssl/cert.pem (which is what the function returns) to /usr/lib/ssl/certs/ca-certificates.crt (which is a cert that exists), but you should be aware that this problem exists. Maybe there is some more reliable way to find out the default CA cert in the system.
Edited by Michael Catanzaro