« PowerShell - Liens utiles » et « LINUX - Add certificates to CA file » : différence entre les pages

De PedroWiki
(Différence entre les pages)
Aller à la navigationAller à la recherche
imported>Jules
 
imported>Jules
Aucun résumé des modifications
 
Ligne 1 : Ligne 1 :
= Introduction =
= Introduction =


Cette page recense les liens intéressant sur l'utilisation et la syntaxe de PowerShell, classés par thème ou sujet.
You may need, at some point, to manually add some certs to the system CA store.


= Généralité =
Use cases:
* self signed certs for instance,
* or certs associated to a local/internal PKI,
* or CA certs not known by default by your system.
* ...


* [https://docs.microsoft.com/en-us/powershell/module/microsoft.powershell.core/about/about_language_keywords?view=powershell-7.2#exit PowerShell keywords (exit...)].
= How to add cert? =


= Variables management =
== Ubuntu ==


* [https://docs.microsoft.com/en-us/powershell/module/microsoft.powershell.core/about/about_variables?view=powershell-7.2 Utilisation des variables en PowerShell].
See [https://manpages.ubuntu.com/manpages/focal/man8/update-ca-certificates.8.html this manpage about update-ca-certificate command].
* [https://www.red-gate.com/simple-talk/sysadmin/powershell/how-to-use-parameters-in-powershell/ How to use parameters in PowerShell, partI].


= String management =
=== CA Cert ===


* [https://stackoverflow.com/questions/15113413/how-do-i-concatenate-strings-and-variables-in-powershell Concaténation].
Steps:
* get the cert(s) you want to add, and create files


= VMWare management =
vi mycert.pem


* [https://vdc-repo.vmware.com/vmwb-repository/dcr-public/cd82421a-ee01-40a9-97c3-424ae49db692/972fed92-0e32-4993-9d35-0557c829bebd/doc/New-VirtualPortGroup.html VirtualPortGroup Management].
* put those files in a subfolder of ''/usr/share/ca-certificates/''


[[Category:Powershell]]
mkdir /usr/share/ca-certificates/mysubfolder
[[Category:Windows]]
mv mycert.pem /usr/share/ca-certificates/mysubfolder/
[[Category:Scripting]]
 
* edit ''/etc/ca-certificates.conf'' and add 1 line per new cert at the end of the file
 
mysubfolder/mycert.pem
 
* finally, update the CA store with the appropriate command:
 
root@mymachine:/usr/share/ca-certificates/manitou# update-ca-certificates
Updating certificates in /etc/ssl/certs...
...
1 added, 0 removed; done.
Running hooks in /etc/ca-certificates/update.d...
done.
 
=== Local cert ===
 
* If needed rename your cert(s) file(s) with a .crt extension.
* Then place it in ''/usr/share/local/ca-certificates/''.
* Finally update the store
 
update-ca-certificates [[--fresh]]
 
[[Category:SSL]]
[[Category:Linux]]
[[Category:Howto]]

Version du 6 mars 2023 à 11:12

Introduction

You may need, at some point, to manually add some certs to the system CA store.

Use cases:

  • self signed certs for instance,
  • or certs associated to a local/internal PKI,
  • or CA certs not known by default by your system.
  • ...

How to add cert?

Ubuntu

See this manpage about update-ca-certificate command.

CA Cert

Steps:

  • get the cert(s) you want to add, and create files
vi mycert.pem
  • put those files in a subfolder of /usr/share/ca-certificates/
mkdir /usr/share/ca-certificates/mysubfolder
mv mycert.pem /usr/share/ca-certificates/mysubfolder/
  • edit /etc/ca-certificates.conf and add 1 line per new cert at the end of the file
mysubfolder/mycert.pem
  • finally, update the CA store with the appropriate command:
root@mymachine:/usr/share/ca-certificates/manitou# update-ca-certificates
Updating certificates in /etc/ssl/certs...
...
1 added, 0 removed; done.
Running hooks in /etc/ca-certificates/update.d...
done.

Local cert

  • If needed rename your cert(s) file(s) with a .crt extension.
  • Then place it in /usr/share/local/ca-certificates/.
  • Finally update the store
update-ca-certificates --fresh
Récupérée de « http://wiki.pedrono.fr/index.php?title=PowerShell_-_Liens_utiles&oldid=852 »