Linux SSL Certs

From Hack Sphere Labs Wiki
Jump to: navigation, search

Adding CA Cert

mkdir /usr/share/ca-certificates/extra

You need a pem format SSL Cert in Linux:

cp CA.crt /usr/share/ca-certificates/extra/
chmod 755 CA.crt

You can copy many including your intermediates

openssl x509 -hash -noout -in CA.crt

Link your hash to your new CA.crt location do them all

ln -s /usr/share/ca-cerfificates/extra/CA.crt /etc/ssl/certs/TheHash.0

Update your ca-db



      c_rehash scans directories and takes a hash value of each .pem and .crt
      file in the directory. It then creates symbolic links for each of the
      files named by the hash value. This is useful as many programs require
      directories to be set up like this in order to find the certificates
      they require.