Log message:
mozilla-rootcerts: Cope with missing certs dir

While the certs dir should exist, pkg_delete of
mozilla-rootcerts-openssl currently removes it, despite it not having
been created by the corresponding pkg_add.  Instead of failing if the
directory does not exist, simply emit a warning and create it.

Log message:
mozilla-rootcerts: Simplify DESCR.

Use the phrase "configuring a trust anchor" less, it won't stop echoing
around my head.

Log message:
mozilla-rootcerts: Mention 'mozilla-rootcerts install' in the DESCR

This seems to be a far more common operation than 'extract', I'm slightly
confused why it onlymentions installing to the current working directory.

Log message:
mozilla-rootcerts: In DESCR, explain mozilla-rootcerts

It is now known that there are people that prefer manual operation via
the mozilla-rootcerts script to the mozilla-rootcerts-openssl package.
Therefore, mention both approaches (without veering into documentation
of them or tutorial -- just enough to make people aware they exist).

Log message:
mozilla-rootcerts: Extend DESCR

Make it clear that this package does not configure certificates as
trust anchors.

Point to mozilla-rootcerts-openssl for actual installation.

Log message:
Update to the latest certdata.txt version available in Mozilla repo.

Log message:
mozilla-rootcerts*: update to the latest certdata.txt commit.
Let's call this 20190306, as that's the date of the commit.

Most notably, this adds support for Let's Encrypt
(ISRG Root X1).

Changes:
+# Certificate "Certigna Root CA"
+# Certificate "GTS Root R1"
+# Certificate "GTS Root R2"
+# Certificate "GTS Root R3"
+# Certificate "GTS Root R4"
+# Certificate "GlobalSign Root CA - R6"
+# Certificate "Hongkong Post Root CA 3"
+# Certificate "ISRG Root X1"
+# Certificate "OISTE WISeKey Global Root GC CA"
+# Certificate "UCA Extended Validation Root"
+# Certificate "UCA Global G2 Root"
+# Certificate "emSign ECC Root CA - C3"
+# Certificate "emSign ECC Root CA - G3"
+# Certificate "emSign Root CA - C1"
+# Certificate "emSign Root CA - G1"
-# Certificate "AC Raiz Certicamara S.A."
-# Certificate "Certplus Root CA G1"
-# Certificate "Certplus Root CA G2"
-# Certificate "ComSign CA"
-# Certificate "ISRG Root X1"
-# Certificate "OpenTrust Root CA G1"
-# Certificate "OpenTrust Root CA G2"
-# Certificate "OpenTrust Root CA G3"
-# Certificate "S-TRUST Universal Root CA"
-# Certificate "TC TrustCenter Class 3 CA II"
-# Certificate "TÜRKTRUST Elektronik Sertifika Hizmet Sağlayıcısı H5"
-# Certificate "Visa eCommerce Root"

Log message:
Update to 1.0.20180111

* Based on NSS 3.35 beta 1

Log message:
Regularize path subsitution and use PREFIX

Use PREFIX rather than LOCALBASE.  What matters is where this packages
prefix is, not anything else.

Substitute all paths the same way, assigning to sh variables in one
place, alphabetically, and then using them.  Sort list of substituted
variables alphabetically also, so it's easier to review the code.

No functional change for any reasonable configuration.

Based on a suggestion by J. Lewis Muir on pkgsrc-users.

Log message:
Add comment about multiple install locations

This package installs into either the builtin openssl or the pkgsrc
one, depending on which is chosen.  However, that's not obviously
right (while also not obviously wrong).  If there are two versions of
of openssl, perhaps both should have certificates configured.  Or
perhaps not -- this simply adds a comment that the issue bears
thinking about.