maintainer-feedback requested: [Bug 276202] ports-mgmt/pkg

Bugzilla Automation <bugzilla@FreeBSD.org> has asked freebsd-pkg (Nobody)
<pkg@FreeBSD.org> for maintainer-feedback:
Bug 276202: ports-mgmt/pkg
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=276202



--- Description ---
So I was upgrading to Q4 (I know, I'm behind) and imagine my surprise when pkg
1.19 worked fine but pkg 1.20.9 suddenly breaks:

# pkg update
pkg: An error occured while fetching package

Tracing this down with the -d switch:

* Hostname mypkgs.dream-tech.com was found in DNS cache
*   Trying 172.17.1.1:443...
* Connected to mypkgs.dream-tech.com (172.17.1.1) port 443
* ALPN: curl offers http/1.1
*  CAfile: none
*  CApath: /etc/ssl/certs/
* SSL certificate problem: unable to get local issuer certificate

Now I have proper Let's Encrypt certificates for the host "mypkgs" so this
shouldn't be happening? That CApath ... it doesn't exist on my system

# ls -l /etc/ssl
total 7
lrwxr-xr-x  1 root  wheel     43 Dec  6 19:49 cert.pem ->
../../usr/local/share/certs/ca-root-nss.crt
-rw-r--r--  1 root  wheel  10921 May  9  2022 openssl.cnf

I'm filing this as a bug only because the previous version worked without
changing the setup. Possible workaround solutions for me are:

1) Figure out what /etc/ssl/certs is supposed to be and link that
2) Trace down or google which environment variable is equivalent to the -k
switch in cURL (don't verify certificates)

Is there anything I am missing?