Difference between revisions of "Linux SSL Certs"
From Hack Sphere Labs Wiki
(Created page with "=Adding CA Cert= mkdir /usr/share/ca-certificates/extra You need a pem format SSL Cert in Linux: https://support.ssl.com/Knowledgebase/Article/View/19/0/der-vs-crt-vs-cer-vs...") |
(→Adding CA Cert) |
||
| Line 10: | Line 10: | ||
Update your ca-db | Update your ca-db | ||
update-ca-certificates | update-ca-certificates | ||
| + | ==Notes== | ||
| + | c_rehash | ||
| + | c_rehash scans directories and takes a hash value of each .pem and .crt | ||
| + | file in the directory. It then creates symbolic links for each of the | ||
| + | files named by the hash value. This is useful as many programs require | ||
| + | directories to be set up like this in order to find the certificates | ||
| + | they require. | ||
Latest revision as of 18:44, 27 October 2013
Adding CA Cert
mkdir /usr/share/ca-certificates/extra
You need a pem format SSL Cert in Linux: https://support.ssl.com/Knowledgebase/Article/View/19/0/der-vs-crt-vs-cer-vs-pem-certificates-and-how-to-convert-them
cp CA.crt /usr/share/ca-certificates/extra/ chmod 755 CA.crt
You can copy many including your intermediates
openssl x509 -hash -noout -in CA.crt
Link your hash to your new CA.crt location do them all
ln -s /usr/share/ca-cerfificates/extra/CA.crt /etc/ssl/certs/TheHash.0
Update your ca-db
update-ca-certificates
Notes
c_rehash
c_rehash scans directories and takes a hash value of each .pem and .crt
file in the directory. It then creates symbolic links for each of the
files named by the hash value. This is useful as many programs require
directories to be set up like this in order to find the certificates
they require.
