Remove blank line -- the "#-" marker should go on the line below the invocator

Change blank line should to "#" to connect the license with the FreeBSD ident(1) tag

Don't use basename in a sub-shell, but instead SCRIPTNAME="${0##*/}"

Remove whitespace between function name and parens
Insert newline before opening function curly
Add following new lines after opening curly:

local hash

You have enough globals, functions, and sundry that it's worth templatizing this file.

The template structure is simple.

# x 60 + single space + all-caps description of section

And it has a 3-line footer:

# x 80
# END
# x 80

Here you would put:

############################################################ CONFIGURATION

: ${SEARCHPATH:=...
...

############################################################ GLOBALS

SCRIPTNAME=...
...

############################################################ FUNCTIONS

do_hash()
{
...

And then after the last function:

############################################################ MAIN

Insert single space after $( and before corresponding ) -- you already have a space after $(( and before )) -- this allows the word-jump features of readline keybindings to really shine-through, making editing easier in all editors that support them (which includes vi, nvi, vim, emacs, Mac OS X TextEdit, and a great number of others).

Add double-quotes around $1

Instead of testing exit status separately with $? combine to form:

if hash=$( openssl x509 -noout -subject_hash -in "$1" ); then

Add quotes around $hash unless the intention is to munge whitespace

Insert newline before opening function curly
Remove whitespace between function name and parens
Add following new lines after opening curly:

local hash

Should be:

hash=$( do_hash "$1" ) || return

Insert whitespace after $( and before corresponding ).
Remove argument to return so that exit status of hash() can percolate up.

Add quotes around $BLACKLISTDESTDIR/${hash}.0
Remove unnecessary curlies around ${hash}

Remove unnecessary curlies around ${hash}

Remove unnecessary curlies around ${hash}

Add quotes around $1
Add quotes around $CERTDESTDIR/${hash}.0

Remove whitespace between function name and parens.
Add newline before opening curly.
Add following new lines after opening curly:

local hash

Add single whitespace after $( and before corresponding )
Add double-quotes around $1

Remove unnecessary curlies around ${hash}

Add double-quotes around $1 and $BLACKLISTDESTDIR/${hash}.0.
Remove unnecessary curlies around ${hash}

Add quotes around $2

Decrease the indentation by changing to:

[ -e "$CFILE" ] || continue
[ $VERBOSE -gt 0 ] && echo "Reading $CFILE"
"$1" "$2/$CFILE"

Note that I would add double-quotes around $CFILE, $1, and $2/$CFILE

You might want to add a cd - before the end to restore the previous working directory (balancing out the initial cd).

Remove whitespace between function name and parens.
Add newline before opening curly.
Add following new lines after opening curly:

local CFILE subject

Add double-quotes around $1

Decrease the indentation level by using:

if [ ! -s "$CFILE" ]; then
        echo "Unable to read $CFILE" >&2
        ERRORS=$(( $ERRORS + 1 ))
        continue
fi
subject=
if [ $VERBOSE -eq 0 ]; then
        subject=$( openssl x509 -noout -subject -nameopt multiline -in "$CFILE" |
                sed -n '/commonName/s/.*= //p' )
fi
[ "$subject" ] ||
        subject=$( openssl x509 -noout -subject -in "$CFILE" )
printf "%s\t%s\n" "$CFILE" "$subject"

Notice that I would:
Add double quotes around $CFILE.
Change subject="" to subject=.
Add single space after $( and before corresponding ).
Change if [ -z "$subject" ]; then subject=... to [ "$subject" ] || subject=....
Change echo -e to printf.
Remove unnecessary curlies around ${CFILE} and ${subject}.

Remove whitespace between function name and parens.
Add newline before opening curly.
Add following new lines after opening curly:

local BPATH CPATH

Add double-quotes around $CERTDESTDIR

Add double-quotes around $BLACKLISTDESTDIR

Let's look at the contextual facts:
You are in a function.
You do not use any of $#, $*, $@, $num, or any variations of those below this point.

This means that we can use set -- args to reset "argc" ($#) and argv ($@ and $*) to something else. Combined with a customized IFS value, this is how you can parse a string into an array ("$@" consisting of $# elements when referenced in the argument space of another program/function/builtin/keyword/etc) using a custom delimiter.

All together, it takes the whitespace delimited $BLACKLISTPATH processed as you have it currently:

for BPATH in $BLACKLISTPATH; do

to a custom (in this case, :) delimited $BLACKLISTPATH processed using:

local oldIFS="$IFS" # put at top of function near other locals
IFS=:
set -- $BLACKLISTPATH
IFS="$oldIFS"
for BPATH in "$@"; do

Reduce indentation by changing to:

[ -d "$PATH" ] || continue
echo "Scanning $BPATH for blacklisted certificates..."
do_scan create_blacklisted "$BPATH"

Noticed that I would:
Add double quotes around $BPATH.

Following the advice above for $BLACKLISTPATH, here I would change a whitespace delimited $SEARCHPATH to a : delimited $SEARCHPATH using:

IFS=:
set -- $SEARCHPATH
IFS="$oldIFS"
for CPATH in "$@"; do

Remove whitespace between function name and parens.
Add newline before opening curly.

Remove whitespace between function name and parens.
Add newline before opening curly.
Add following new lines after opening curly:

local BFILE

Combine the comment about shift to one line like so:

shift # verb

Notice that I would simply state what is being shifted-out.

Add double-quotes around $BLACKLISTDESTDIR

Add double-quotes around $@

Add double-quotes around $BFILE

Remove whitespace between function name and parens.
Add newline before opening curly.
Add following new lines after opening curly:

local BFILE hash

Combine shift and comment to a single-line and only say what is being shifted:

shift # verb

We know shift removes arguments, just tell us what it was.

Add double-quotes around $@

Add double-quotes around $BFILE

Add a single space after $( and before ).

Remove unnecessary curlies around ${hash}

Change to:

rm -f "$BLACKLISTDESTDIR/$hash.0"

Note that I would:
Add double-quotes around $BLACKLISTDESTDIR/${hash}.0.
Remove unnecessary curlies around ${hash}.

Add double-quotes around $BLACKLISTDESTDIR/$BFILE

Add double-quotes around $BLACKLISTDESTDIR/$BFILE

Remove whitespace between function name and parens.
Add newline before opening curly.

Add double-quotes around $BLACKLISTDESTDIR

Remove whitespace between function name and parens.
Add newline before opening curly.

Usage is supposed to be printed on stderr.
Add the following line before this first echo:

exec >&2

This will cause all following output to be redirected to stderr.

Add double-quotes around $1

Combine to form:

list) cmd_list ;;

Combine to form:

rehash) cmd_rehash ;;

Add double-quotes around $@ and combine lines to form:

blacklist) cmd_blacklist "$@"

Add double-quotes around $@ and combine lines to form:

unblacklist) cmd_unblacklist "$@"

Combine to form:

blacklisted) cmd_blacklisted ;;

case patterns should be indented to the same level as the case and esac lines.

The fallback for a case statement does not need the ;; terminator.
Remove unnecessary terminator.
Combine lines and add comment to remind us that usage calls exit

*) usage # NOTREACHED

This stanza destroys the exit status of the desired function. Consider the following solution:

retval=$?
[ $ERRORS -gt 0 ] && echo "Encountered $ERRORS errors" >&2
exit $retval