Installing certificates in Ubuntu OS
- Main
- Knowledge base
- Instructions
- Installing certificates in Ubuntu OS
12.01.2023, 03:22
In the last article, we told you what certificates are in Ubuntu and what tasks they perform. In this article, we will talk about how to install certificates, in particular, we will talk about installing them in the operating system.
Installation in the OS
If you want to use signed certificates to enable HTTPS support on a web server, then open such a website using a browser or make a request to it on the command line, the system will give you an SSL error. It will say that this certificate is not trusted and the connection to this site may not be secure.
curl -I https://localhost
In order for the certificate to be considered trusted, it is necessary to add the root certificate of the certification authority with which it was signed to the trusted list in the OS. If the certificate is self-signed, you can add it to the trusted list.
You already have a ca.crt. certificate, but how to make the OS regard it as reliable? To do this, copy it to the /usr/local/share/ca-certificates folder:
cp ./ca.crt /usr/local/share/ca-certificates/losstca.crt
Next you need to run the command:
sudo update-ca-certificates
However, this method is appropriate when programs use the system storage of trusted certificates. Browsers (Firefox and Google Chrome) have their own certificate stores and do not use the system storage. You need to import certificates separately in each browser.
Chrome, Firefox, Thunderbird use nssdb to work with certificates. You can import certificates both in the browser GUI and in the terminal using the certutil program.
Other articles of the section
