So we have a scenario where we have a local application on our machine that uses a self-signed certificate that we would like to trust.
Firstly download the ca-certificates package:
apt-get install ca-certificatesProceed by obtaining our certificate we would like to import e.g.:
openssl s_client -connect mywebsite.com:443Extract the public key from the output and place it in a file called something like:
yourhost.crt
** Important: You MUST ensure that the file extension is '.crt' or the ca-certificates tool will not pickup the certificate! **
sudo cp mydomain.crt /usr/local/share/ca-certificatesor
sudo cp mydomain.crt /usr/share/ca-certificates
Then simply run the following command to update the certificate store:
sudo update-ca-certificatesAnd if (or when) you wish to remove the certificate we can issue the following command:
dpkg-reconfigure ca-certificates
0 comments:
Post a Comment