(In reply to Wolfgang Rosenauer from comment #3) > Seems that the package p11-kit-nss-trust can be used to achieve this > nevertheless. Yes, thats true. Is there any pitfall with it, p11-kit-nss-trust instead of mozilla-nss-certs?