GitLab

Some of our tools insist certificate pinning which is not handled well (e.g. 2 LE intermediate certificates...). We should get rid of them.

There was already a MR !77 (merged) do handle this but it was insufficient.

This is mainly about /etc/ssl/www_turris_cz_ca.pem file from cznic-cacert-bundle package. I have discovered these packages using this file as a CAFile:

• server-uplink (from turris/turris-os-packages>)
• haas (also from turris/turris-os-packages>)
• netmetr (from turris/netmetr-client>)