Infrastructure

We had been using /var/local/dataone as the location for trusted CA certificates on the CN, but in 2012 we changed to using a single chain file rather than a directory. I made this change in the cn-ssl config, but (inadvertantly?) used /etc/ssl/certs for tha DataONECAChain.crt file location.

When this file isn't hashed during c_rehash, there is no duplicate hashes created for the DataONERootCA certificate, but when it is, using /etc/ssl/certs in curl operations fail.

The easiest fix is to move the DataONECAChain.crt file back to /var/local/dataone in cn-ssl, so there isn't the potential for a conflict.