Skip to content

Instantly share code, notes, and snippets.

@epcim
Last active August 19, 2024 09:05
Show Gist options
  • Save epcim/03f66dfa85ad56604c7b8e6df79614e0 to your computer and use it in GitHub Desktop.
Save epcim/03f66dfa85ad56604c7b8e6df79614e0 to your computer and use it in GitHub Desktop.
trusted certificates system update-ca-certificates

Adding trusted root certificates to the server

Mac OS X

sudo security add-trusted-cert -d -r trustRoot -k /Library/Keychains/System.keychain ~/new-root-certificate.crt
sudo security delete-certificate -c "<name of existing certificate>"

Windows

certutil -addstore -f "ROOT" new-root-certificate.crt
certutil -delstore "ROOT" serial-number-hex

Linux (Ubuntu, Debian)

apt install ca-certificates
# Copy your CA to dir /usr/local/share/ca-certificates/
sudo cp foo.crt /usr/local/share/ca-certificates/foo.crt
sudo update-ca-certificates
# To remove/rebuild
sudo update-ca-certificates --fresh

Linux (CentOs 6)

yum install ca-certificates
#Enable the dynamic CA configuration feature:
update-ca-trust force-enable

#Add it as a new file to /etc/pki/ca-trust/source/anchors/:
cp foo.crt /etc/pki/ca-trust/source/anchors/

update-ca-trust extract

Linux (CentOs 5)

#Append your trusted certificate to file /etc/pki/tls/certs/ca-bundle.crt
cat foo.crt >> /etc/pki/tls/certs/ca-bundle.crt
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment