Linux SSL Certs

From Hack Sphere Labs Wiki
Revision as of 18:44, 27 October 2013 by Webdawg (talk | contribs) (Adding CA Cert)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

Adding CA Cert

mkdir /usr/share/ca-certificates/extra

You need a pem format SSL Cert in Linux: https://support.ssl.com/Knowledgebase/Article/View/19/0/der-vs-crt-vs-cer-vs-pem-certificates-and-how-to-convert-them

cp CA.crt /usr/share/ca-certificates/extra/
chmod 755 CA.crt

You can copy many including your intermediates

openssl x509 -hash -noout -in CA.crt

Link your hash to your new CA.crt location do them all

ln -s /usr/share/ca-cerfificates/extra/CA.crt /etc/ssl/certs/TheHash.0

Update your ca-db

update-ca-certificates

Notes

c_rehash
      c_rehash scans directories and takes a hash value of each .pem and .crt
      file in the directory. It then creates symbolic links for each of the
      files named by the hash value. This is useful as many programs require
      directories to be set up like this in order to find the certificates
      they require.