This is just as a reminder for myself, as I keep forgetting about this stuff.
If like me you run a server with services that depends on SSL and need to install a certificate issued by a Certificate Authority (CA) like CACert, this might be interesting to you as well.
On Red Hat based systems the CA certificate for SSL is usually installed in the /etc/pki/tls/certs directory. The certificate is basically just dropped there in a file which name is its hash – built with the openssl program.
I wrote the shell scriptlet http://dodji.seketeli.net/install-ca-cert.txt. Download it, save it as install-ca-cert.sh and turn it into an executable.
Then, assuming your certificate is in a file named your-ca.crt, install it by doing:
sudo ./install-ca-cert.sh ./your-ca.crt
Voila. I don't know how that works on other distributions, though.
 

7 comments:
Why not use OpenSSL's c_rehash?
Thank you Daniël. I didn't know about that utility. I have updated the post accordingly.
On Debian based systems this is done by the update-ca-certificates program from the ca-certificates package (http://packages.debian.org/sid/ca-certificates).
Hello
Excellent post.I want to thank you for this informative read, I really appreciate sharing this great post. Keep up your work.
Digital certificate is an electronic document that uses a digital signature to bind a public key with identity information such as the name of a person or an organization, their address, and so forth. The certificate can be used to verify that a public key belongs to an individual.
Digital Certificate for Security
Nice and informative article. I love it. I love it so much, that the greedy visual-data gnome in me wants more !
Thanks for sharing such nice blog post. If you are getting bored and want your lonely night turn into joyful, instant get in touch with most reputed escort agency https://www.elitemanchesterescorts.co.uk/locations/ringway-escorts/.
Post a Comment