Comment # 1 on bug 1000036 from Adam Majer

If the patch is reverted, then the CA store that is used is upstream's bundled
CA blob and system CA store is ignored, which is not very good.

I think the best way would be to patch OpenSSL shipped with NodeJS, just for
the SLE11 people, so that that the certificate hash function is the same as in
the old version of OpenSSL. Now I'm not certain of the amount of work required
for this, but if it's not too much, then this may be better option. But then
this has problems because SLE11 apparently has OpenSSL 1.x in its security
module. So...

Another option would be to ship c_rehash binary from NodeJS in-tree version in
libexec path that then can be used by users still on SLE11 and affected to
relink things.