There's a merged pull request on the void-packages repository p11-kit: use system ca certificates as input for trust module https://github.com/void-linux/void-packages/pull/11492 Description: To date p11-kit was built with `--without-trust-paths` which means that p11-kit was not feeded with the systems CAs and presented an empty store when queried. This broke applications distributed via flatpak, which uses p11-kit to query the hosts available CAs and make them available inside the sandboxes.