Thomas Habets <thomas(at)habets(dot)se> writes:
> With Letsencrypt now protecting web servers left and right, and it makes
> sense to me to just re-use the cert that the server may already have
> installed.
I'm confused by your description of this patch. AFAIK, OpenSSL verifies
against the system-wide CA pool by default. Why do we need to do
anything?
regards, tom lane