Modify c_rehash to ignore the /etc/ssl/certs/certs/ca-certificates.crt file when created hash softlinks in the /etc/ssl/certs/ directory. There are 3 reasons for this: (1) normally whenever "update-ca-certificates" is run (whether by a script/trigger or by an end-user) a warning will appear:
WARNING: ca-certificates.crt does not contain exactly one certificate or CRL: skippingwhich is annoying but not problematic, however (2) in some circumstances such as where that file only contains a single certificate, i.e. where you disable all the system certificates and only use your own "local" CA file, then c_rehash may wrongly create a softlink to the ca-certificates.crt file rather than to the correct CA file if c_rehash finds the ca-certificates.crt file first in the /etc/ssl/certs/ directory.
In the "single CA cert" situation if however c_rehash finds the correct (single CA) file first then (3) when it does find the ca-certificates.crt file it will generate the following warning:
WARNING: Skipping duplicate certificate in file ca-certificates.crtThe changes in this MR prevent all 3 scenarios from occurring.
Remove the blacklist.txt file - this has not been updated since it was added to the repo 5+ years ago. Also this file is not used for any purpose - it was previously used/read by the certdata2pem.py Python script but that was replaced by by the mk-ca-bundle.pl Perl script which makes no use of blacklist.txt.
Correct update-ca-certificates manpage - this was copied from Debian, however the Alpine program does NOT support any cli options, so remove these from the manpage.
Fixes #2 (closed).