The problem is this: We run a page that sends curl request to a remote https server. This failed since we moved the account to a new centos7 server. It seems on centos7 /etc/pki/tls/certs/ca-bundle.crt is linked to /etc/pki/ca-trust/extracted/openssl/ca-bundle.crt which is not available to cagefs users. We tried to add /etc/pki to /etc/cagefs/cagefs.mp and run cagefsctl --remount-all but this doesn't help while /etc/pki/ca-trust is still not available to cagefs users. We also tried to delete the /etc/pki/tls/certs/ca-bundle.crt link and put there a real file, however to cagefs users it's still being shown as a link. finnaly we solved it with moving the bundle to the account directory and setting curl.cainfo="ca-bundle.crt" in it's php.ini. However we want to solve this server wide. Please advise.