docs/SSLCERTS: update the section about NSS database

Bug: http://curl.haxx.se/mail/lib-2014-07/0335.html
Reported-by: David Shaw

docs/SSLCERTS

@@ -106,19 +106,13 @@ NSS to read the OpenSSL PEM CA bundle. This library is missing in OpenSuSE, and
 without it, NSS can only work with its own internal formats. NSS also has a new
 database format: https://wiki.mozilla.org/NSS_Shared_DB
 
-Starting with version 7.19.7, libcurl will check for the NSS version it runs,
+Starting with version 7.19.7, libcurl automatically adds the 'sql:' prefix to
-and automatically add the 'sql:' prefix to the certdb directory (either the
+the certdb directory (either the hardcoded default /etc/pki/nssdb or the
-hardcoded default /etc/pki/nssdb or the directory configured with SSL_DIR
+directory configured with SSL_DIR environment variable). To check which certdb
-environment variable) if version 3.12.0 or later is detected. To check which
+format your distribution provides, examine the default certdb location:
-certdb format your distribution provides, examine the default
+/etc/pki/nssdb; the new certdb format can be identified by the filenames
-certdb location: /etc/pki/nssdb; the new certdb format can be identified by
+cert9.db, key4.db, pkcs11.txt; filenames of older versions are cert8.db,
-the filenames cert9.db, key4.db, pkcs11.txt; filenames of older versions are
+key3.db, secmod.db.
-cert8.db, key3.db, modsec.db.
-
-Usually these cert databases are empty, but NSS also has built-in CAs which are
-provided through a shared library, libnssckbi.so; if you want to use these
-built-in CAs, then create a symlink to libnssckbi.so in /etc/pki/nssdb:
-ln -s /usr/lib[64]/libnssckbi.so /etc/pki/nssdb/libnssckbi.so
 
      Peer SSL Certificate Verification with Schannel and Secure Transport
      ====================================================================