- Create
selfsigned
directory on/usr/share/ca-certificates/
- Copy your
company.crt
file to the/usr/share/ca-certificates/selfsigned
- Run
sudo dpkg-reconfigure ca-certificates
, hityes
to accept all certificates insideca-certificates
folder - Search you certificate in the list and press space to select it, after this press enter to add the certificates
- Using
curl -I https://youdomain.com
before add the certificate you get:
curl: (60) SSL certificate problem: self signed certificate
More details here: https://curl.haxx.se/docs/sslcerts.html
curl failed to verify the legitimacy of the server and therefore could not
establish a secure connection to it. To learn more about this situation and
how to fix it, please visit the web page mentioned above.
- After add the certificate using
dpkg-reconfigure
you get:
If you don't have the certutil
command, you should be install libnss3-tools
running this:
sudo apt-get install libnss3-tools
To add the certificate, run the command:
certutil -d sql:$HOME/.pki/nssdb -A -t "P,," -n MYFILENAME -i /my_cert_dir/mycertificate.crt
Check if the certificate works with this command certutil -d sql:$HOME/.pki/nssdb -L
You can see the certificate:
$ certutil -d sql:$HOME/.pki/nssdb -L
Certificate Nickname Trust Attributes
SSL,S/MIME,JAR/XPI
MYFILENAME P,,