On 2016-05-31, Etienne <[email protected]> wrote: > Hello list, > > I came across that blog post > https://blog.filippo.io/untrusting-an-intermediate-ca-on-os-x/ and I > have been trying to find an equivalent way of doing so in > OpenBSD/LibreSSL, to no avail. Am I missing something?
You can't do this with the simple CA certificate store used by OpenSSL/LibreSSL. Browsers are doing their own CA management at a different level and not using this type of cert store.
