From 95c2c2e49b8363efdf4af6f30f1f2dfede056793 Mon Sep 17 00:00:00 2001
From: Franco Fichtner <franco@opnsense.org>
Date: Mon, 4 Nov 2024 11:46:33 +0100
Subject: [PATCH] system: garbage collect unused directories in certctl.py

We do not currently use /usr/local/share/certs/untrusted either,
but keep it for future use.  The other directories are not used
by FreeBSD 14 or newer so just remove their use.
---
 src/opnsense/scripts/system/certctl.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/opnsense/scripts/system/certctl.py b/src/opnsense/scripts/system/certctl.py
index fbbf426c2..a5c9ec639 100755
--- a/src/opnsense/scripts/system/certctl.py
+++ b/src/opnsense/scripts/system/certctl.py
@@ -37,8 +37,8 @@ import OpenSSL.crypto
 from cryptography import x509
 from cryptography.hazmat.primitives import serialization
 
-TRUSTPATH = ['/usr/share/certs/trusted', '/usr/local/share/certs', '/usr/local/etc/ssl/certs']
-UNTRUSTEDPATH = ['/usr/share/certs/untrusted', '/usr/local/etc/ssl/untrusted', '/usr/local/etc/ssl/blacklisted']
+TRUSTPATH = ['/usr/share/certs/trusted', '/usr/local/share/certs']
+UNTRUSTEDPATH = ['/usr/share/certs/untrusted', '/usr/local/share/certs/untrusted']
 CERTDESTDIR = '/etc/ssl/certs'
 UNTRUSTDESTDIR = '/etc/ssl/untrusted'