|Summary:||11.4-p3 update removes links & files under /etc/ssl/certs/|
|Component:||misc||Assignee:||freebsd-bugs (Nobody) <bugs>|
|Severity:||Affects Only Me||CC:||kevans, lwhsu, michael.osipov|
Description heas 2020-10-12 15:52:56 UTC
Installing 11.4-p3 removed files in /etc/ssl/certs. From a zfs diff: - /etc/ssl/certs/apache.pem - /etc/ssl/certs/dovecot.pem - /etc/ssl/certs/postfix.pem M /etc/ssl/certs - /etc/ssl/certs/postfix.pem.old - /etc/ssl/certs/dovecot.pem.old - /etc/ssl/certs/imapd.pem.old - /etc/ssl/certs/nginx.key - /etc/ssl/certs/nginx.pem + /etc/ssl/blacklisted It does not recur if the machine is rebooted, so it was not a rc script that removed it.
Comment 1 Michael Osipov 2020-10-12 18:06:04 UTC
You are incorrectly using/abusing this directory. It is solely meant to be used for hashed CA certificate links for be consumed by OpenSSL when verifying a peer. Do not put your certs into it.