[OpenSSL] /etc/ssl/cert.pem not honoured by default

[Dan Lukes]

On 18.12.2015 16:47, rhi wrote:
> Or is it recommended to let ports use the port OpenSSL, so that base OpenSSL
> is only used for the system itself?

On 9.x-R (still considered supported version) the base's OpenSSL is so 
old for today's SSL server. The best TLS version supported is 1.0 which 
is considered unacceptable old for some recent SSH clients.

You have almost no choice but port's OpenSSL (if you wish to provide a 
SSL server, of course) here.


Dan