Thomas Habets <thomas@habets.se> writes:
> With Letsencrypt now protecting web servers left and right, and it makes
> sense to me to just re-use the cert that the server may already have
> installed.
I'm confused by your description of this patch. AFAIK, OpenSSL verifies
against the system-wide CA pool by default. Why do we need to do
anything?
regards, tom lane