/etc/rc.d/certctl_init: Default off.

Otherwise in systems without certctl_init=YES, such as systems
installed with sysinst(8) where it's unnecessary because the rehash
has already happened at install time, you'll get spurious warnings.

PR install/57629

XXX pullup-10

etc/defaults/rc.conf

@@ -1,4 +1,4 @@
-#	$NetBSD: rc.conf,v 1.165 2023/07/02 12:39:05 nia Exp $
+#	$NetBSD: rc.conf,v 1.166 2023/09/27 01:27:32 riastradh Exp $
 #
 # /etc/defaults/rc.conf --
 #	default configuration of /etc/rc.conf
@@ -144,6 +144,7 @@ sysdb=YES					# build system databases
 rndctl=NO		rndctl_flags=""		# configure rndctl(8)
 gpio=NO						# configure GPIO devices
 modules=YES					# process /etc/modules.conf
+certctl_init=NO					# rehash /etc/openssl/certs
 
 # cope with other OSes using the real time clock at localtime on this
 # machine (by adjusting kern.rtc_offset at boot)