I managed to repeat the things done by @n9erator and TLS 1.2 in default browser of my N9 is working!!!

Sadly not certificates thing. I mean - TLS 1.2 in browser itself works. But every site complains about certificates. "Security certificate is not trusted" I know that to fix this aegis-certman-common-ca changes were needed. But.

1. Applying the postinst patch worked
2. In etc/ssl/certs/common-ca I removed all files and inserted crt files from ca-certificates of Ubuntu, moved to *.pem as they were text ones
3. Patch on certman_main.cpp didn't work, something got rejected. I applied changes manually then.

Building worked fine, installing not, though. Error during postinst part:

Checking /etc/ssl/certs, it's the first cert. I can't remove them, because they are owned by weird aegis users and chowning to root has no effect. I understand that patched postinst causes that, but what's wrong then?

Tried different way, usually working - injecting PEM files into /usr/local/ssl/certs (my OpenSSL 1.0.1t is in /usr/local + /usr/local/ssl), doing c_rehash then (had to use custom perl), it worked but still browser always complains.

What certs did you use and how did you put them to aegis-certman source? But don't think that's the cause, because only applying patch to postinst causes error on installing as well (keeping default certs from source).

Thanks in advance