Server : Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.20 System : Linux st2.domain.com 3.10.0-1127.10.1.el7.x86_64 #1 SMP Wed Jun 3 14:28:03 UTC 2020 x86_64 User : apache ( 48) PHP Version : 7.4.20 Disable Function : NONE Directory : /etc/pki/ca-trust/ |
# The upstream Mozilla.org project tests all changes to the root CA # list with the NSS (Network Security Services) library. # # Occassionally, changes might cause compatibility issues with # other cryptographic libraries, such as openssl or gnutls. # # The package maintainers of the CA certificates package might decide # to temporarily keep certain (legacy) root CA certificates trusted, # until incompatibility issues can be resolved. # # Using this configuration file it is possible to opt-out of the # compatibility choices made by the package maintainer. # # legacy=default : # This configuration uses the choices made by the package maintainer. # It may keep root CA certificate as trusted, which the upstream # Mozilla.org project has already marked as no longer trusted. # The set of CA certificates that are being kept enabled may change # between package versions. # # legacy=disable : # Follow all removal decisions made by Mozilla.org # legacy=default