LINUX - Add certificates to CA file

De PedroWiki
Révision datée du 6 mars 2023 à 10:50 par Jules (discussion | contributions) (Page créée avec « = Introduction = You may need, at some point, to manually add some certs (self signed certs for instance, or certs associated to a local/internal PKI) to the system CA st... »)
(diff) ← Version précédente | Voir la version actuelle (diff) | Version suivante → (diff)

Introduction

You may need, at some point, to manually add some certs (self signed certs for instance, or certs associated to a local/internal PKI) to the system CA store.

How to add cert?

Ubuntu

See this manpage about update-ca-certificate command.

Steps:

  • get the cert(s) you want to add, and create files
vi mycert.pem
  • put those files in a subfolder of /usr/share/ca-certificates/
mkdir /usr/share/ca-certificates/mysubfolder
mv mycert.pem /usr/share/ca-certificates/mysubfolder/
  • edit /etc/ca-certificates.conf and add 1 line per new cert at the end of the file
mysubfolder/mycert.pem
  • finally, update the CA store with the appropriate command:
root@mymachine:/usr/share/ca-certificates/manitou# update-ca-certificates
Updating certificates in /etc/ssl/certs...
...
1 added, 0 removed; done.
Running hooks in /etc/ca-certificates/update.d...
done.
Récupérée de « https://wiki.pedrono.fr/index.php?title=LINUX_-_Add_certificates_to_CA_file&oldid=829 »