1 files changed, 45 insertions, 0 deletions

diff --git a/gnu/packages/certs.scm b/gnu/packages/certs.scm
index 449be0b35a..e2de6b168b 100644
--- a/gnu/packages/certs.scm
+++ b/gnu/packages/certs.scm
@@ -7,6 +7,7 @@
 ;;; Copyright © 2021 Maxim Cournoyer <maxim.cournoyer@gmail.com>
 ;;; Copyright © 2021 Efraim Flashner <efraim@flashner.co.il>
 ;;; Copyright © 2021 Raghav Gururajan <rg@raghavgururajan.name>
+;;; Copyright © 2024 Zheng Junjie <873216071@qq.com>
 ;;;
 ;;; This file is part of GNU Guix.
 ;;;
@@ -25,6 +26,7 @@
 
 (define-module (gnu packages certs)
   #:use-module ((guix licenses) #:prefix license:)
+  #:use-module ((guix search-paths) #:select ($SSL_CERT_DIR $SSL_CERT_FILE))
   #:use-module (guix packages)
   #:use-module (guix utils)
   #:use-module (guix download)
@@ -188,6 +190,49 @@ taken from the NSS package and thus ultimately from the Mozilla project.")
     (home-page "https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS")
     (license license:mpl2.0)))
 
+(define-public nss-certs-for-test
+  (hidden-package
+   (package
+     (inherit nss-certs)
+     (name "nss-certs-for-test")
+     (source #f)
+     (build-system trivial-build-system)
+     (native-inputs (list nss-certs))
+     (inputs '())
+     (propagated-inputs '())
+     (arguments
+      (list #:modules '((guix build utils)
+                        (rnrs io ports)
+                        (srfi srfi-26))
+            #:builder
+            #~(begin
+                (use-modules (guix build utils)
+                             (rnrs io ports)
+                             (srfi srfi-26))
+                (define certs-dir (string-append #$output "/etc/ssl/certs/"))
+                (define ca-files
+                  (find-files (string-append #+(this-package-native-input
+                                                "nss-certs")
+                                             "/etc/ssl/certs")
+                              (lambda (file stat)
+                                (string-suffix? ".pem" file))))
+                (define (concatenate-files files result)
+                  "Make RESULT the concatenation of all of FILES."
+                  (define (dump file port)
+                    (display (call-with-input-file file get-string-all) port)
+                    (newline port))
+                  (call-with-output-file result
+                    (lambda (port)
+                      (for-each (cut dump <> port) files))))
+
+                (mkdir-p certs-dir)
+                (concatenate-files
+                 ca-files (string-append certs-dir "/ca-certificates.crt"))
+                (for-each (cut install-file <> certs-dir) ca-files))))
+     (native-search-paths
+      (list $SSL_CERT_DIR
+            $SSL_CERT_FILE)))))
+
 (define-public le-certs
   (package
     (name "le-certs")