p11-kit: add Fedora/RHEL trust store path

Fedora and RHEL use a different location for the trust store, compared
to other distros. Without this, validation of the CA root certificates
fails in all nss applications.

pkgs/development/libraries/p11-kit/default.nix

@@ -31,7 +31,11 @@ stdenv.mkDerivation rec {
   configureFlags = [
     "--sysconfdir=/etc"
     "--localstatedir=/var"
-    "--with-trust-paths=/etc/ssl/trust-source:/etc/ssl/certs/ca-certificates.crt"
+    "--with-trust-paths=${lib.concatStringsSep ":" [
+      "/etc/ssl/trust-source"               # p11-kit trust source
+      "/etc/ssl/certs/ca-certificates.crt"  # NixOS + Debian/Ubuntu/Arch/Gentoo...
+      "/etc/pki/tls/certs/ca-bundle.crt"    # Fedora/CentOS
+    ]}"
   ];
 
   enableParallelBuilding = true;