Hi,
I’m using Mender 2.0 in stand-alone mode and as part of the security requirements, I need to remove the ca-certificate from the Yocto (we are using sumo version).
When I removed the ca-certificate, the below error pop ups:
I would like to know whether mender stand-alone required ca-certificate? If not, then may I know how to remove it?
Have you tried creating a mender_%.bbappend file in your own projects layer and adding something along the lines of to remove the RDEPENDS addition by the mender-install feature.
PACKAGECONFIG[mender-install]_remove("ca-certificates")
the syntax above may not be totally correct, so further reading can be found below:
https://www.yoctoproject.org/docs/latest/mega-manual/mega-manual.html#var-PACKAGECONFIG
Thank you for your quick support.
I tired to remove the ca-certificates directly from the meta-mender-core layer (meta-mender-core/recipes-mender/mender/mender.inc) as below:
From:
PACKAGECONFIG[mender-install] = ",,,mender-artifact-info ca-certificates"
To:
PACKAGECONFIG[mender-install] = ",,,mender-artifact-info"
This build without any error. I hope removing the ca-certificate from here will not impact the stand-alone mender functionalities.
However, your method is more standard and preferred because we don’t have to modify the default mender layer configurations. I will try to do the same.
Thank you again 
Thank you @dellgreen for your support.
I tried to add the removal part in the mender_%.bbappend file from our own project layer.
However, the ca-certificates couldn’t able remove using any of the below trials:
- PACKAGECONFIG_remove[mender-install] = “ca-certificates”
- PACKAGECONFIG[mender-install]_remove(“ca-certificates”)
- PACKAGECONFIG[mender-install]_remove = “ca-certificates”
All the above 3 methods gave build error 
I know this is basic Yocto, however, I would like to know what is the correct syntax for removing the ca-certificates from mender-install which is mentioned in the mender core layer?
That’s an interesting idea; I’ve never tried that myself and honestly I’d be surprised if it worked. I think you may need to simply override the entire PACKAGECONFIG[mender-install] definition in your bbappend file using the syntax you specified above:
PACKAGECONFIG[mender-install] = “,mender-artifact-info”
I haven’t tried this, but given that the package config instruction looks like it indirectly is adding to the RDEPENDS variable, I would check this variable when running the mender recipe with bitbake -e mender | grep RDEPENDS to see if it’s updated. If so you could try something like RDEPENDS_${PN}_remove = “ca-certificates” in you bbappend recipe
