crypto/x509: add new FreeBSD 12.2+ trusted certificate folder

Up to FreeBSD 12.1 the package ca_root_nss was needed in order to have
certificates under /usr/local/share/certs as the base system didn't have
a system trusted certificate store.

This has been fixed in FreeBSD 12.2 using /etc/ssl/certs:
https://svnweb.freebsd.org/base?view=revision&revision=357082

Fixes #46284

Change-Id: I912b1bacc30cdf20d19e3ef9d09b69bb8055ff49
GitHub-Last-Rev: 0fa5542ea3c70ecb03e621381d7c34fbadf7ea47
GitHub-Pull-Request: golang/go#46276
Reviewed-on: https://go-review.googlesource.com/c/go/+/321190
Reviewed-by: Filippo Valsorda <filippo@golang.org>
Run-TryBot: Filippo Valsorda <filippo@golang.org>
TryBot-Result: Go Bot <gobot@golang.org>
Trust: Tobias Klauser <tobias.klauser@gmail.com>

diff --git a/src/crypto/x509/root_bsd.go b/src/crypto/x509/root_bsd.go
index 822e8573ff12d732542a3135264bf316937d297b..6712ea32a68414681c5cd0658dc12f930107327f 100644 (file)
--- a/src/crypto/x509/root_bsd.go
+++ b/src/crypto/x509/root_bsd.go
@@ -18,6 +18,7 @@ var certFiles = []string{
 // Possible directories with certificate files; stop after successfully
 // reading at least one file from a directory.
 var certDirectories = []string{
+       "/etc/ssl/certs",         // FreeBSD 12.2+
        "/usr/local/share/certs", // FreeBSD
        "/etc/openssl/certs",     // NetBSD
 }