apparmor/profiles/apparmor.d/abstractions/ssl_certs

# ------------------------------------------------------------------
#
#    Copyright (C) 2002-2005 Novell/SUSE
#    Copyright (C) 2010-2011 Canonical Ltd.
#
#    This program is free software; you can redistribute it and/or
#    modify it under the terms of version 2 of the GNU General Public
#    License published by the Free Software Foundation.
#
# ------------------------------------------------------------------

  /etc/ssl/ r,
  /etc/ssl/certs/ r,
  /etc/ssl/certs/* r,
  /etc/pki/trust/ r,
  /etc/pki/trust/* r,
  /etc/pki/trust/anchors/ r,
  /etc/pki/trust/anchors/** r,
  /usr/share/ca-certificates/ r,
  /usr/share/ca-certificates/** r,
  /usr/share/ssl/certs/ca-bundle.crt          r,
  /usr/local/share/ca-certificates/ r,
  /usr/local/share/ca-certificates/** r,
  /var/lib/ca-certificates/ r,
  /var/lib/ca-certificates/** r,

  # acmetool
  /var/lib/acme/certs/*/chain r,
  /var/lib/acme/certs/*/cert r,