crypto: Use system CAs instead of using bundled ones
This is a backport of a patch included in 7.5.0
NodeJS can already use an external, shared OpenSSL library. This library knows where to look for OS managed certificates. Allow a compile-time option to use this CA store by default instead of using bundled certificates.
In case when using bundled OpenSSL, the paths are also valid for majority of Linux systems without additional intervention. If this is not set, we can use SSL_CERT_DIR to point it to correct location.
Fixes: https://github.com/nodejs/node/issues/3159 PR-URL: https://github.com/nodejs/node/pull/8334 Reviewed-By: Sam Roberts vieuxtech@gmail.com Reviewed-By: James M Snell jasnell@gmail.com Reviewed-By: Fedor Indutny fedor.indutny@gmail.com
Checklist
-
make -j4 test
(UNIX), orvcbuild test
(Windows) passes -
tests and/or benchmarks are included -
documentation is changed or added -
commit message follows commit guidelines