https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=246614
--- Comment #9 from Michael Osipov <michael.osi...@siemens.com> --- (In reply to Kyle Evans from comment #8) Not even that. The origin c_rehash is not aware of blacklists, only CRLs. So the idea behind a blacklist is that you exclude specific certs from installing. This means that if a cert exists in the blackist and in the source, the hash link is never created (or removed) is /etc/ssl/certs. They must be skipped. When the link is established, OpenSSL assumes that you trust that entity. If you don't want to work with blacklists, use CRL. I don't see a reason to copy with the original name. What benefit should that give? -- You are receiving this mail because: You are on the CC list for the bug. _______________________________________________ freebsd-bugs@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-bugs To unsubscribe, send any mail to "freebsd-bugs-unsubscr...@freebsd.org"