Currently, at least on EL6, cvmfs only checks https server certificates against /etc/grid-security/certificates, or whatever X509_CERT_DIR is set to. It does not use the system-installed CA certs. Add an option to enable & disable this. We will then discuss whether the option should be enabled or disabled by default.
We are particularly interested in supporting Let's Encrypt certificates & Cloudflare certificates. I believe that Cloudflare certificates will already be supported because their root COMODO CA is already supported by IGTF. I can't verify it however until
CVM-1419 is done.
I am assigning this at least initially to me to verify the behavior on EL7.