Trusted ca store in Linux

From UVOO Tech Wiki
Jump to navigation Jump to search

Linux

Add Internal Root CA to trusted store via BASH

#!/bin/bash
set -eu

test_url="https://host.intranet/"
cert_file_name="internal-rootca1.crt"
os_distribution=$(awk -F '=' '/ID_LIKE/ { print $2 }' /etc/os-release)

root_ca_crt="-----BEGIN CERTIFICATE-----
your pem cert lines
-----END CERTIFICATE-----
"


add_ca_crt_debian(){
  # sudo apt-get install -y ca-certificates
  echo "debian"
  echo "${root_ca_crt}" | sudo tee  /usr/local/share/ca-certificates/${cert_file_name}
  sudo update-ca-certificates
}


add_ca_crt_fedora(){
  echo "fedora"
  echo "${root_ca_crt}" | sudo tee  /etc/pki/ca-trust/source/anchors/${cert_file_name}
  sudo update-ca-trust
}


if [ $os_distribution = "fedora" ]; then
  add_ca_crt_fedora
elif [ $os_distribution = "debian" ]; then
  add_ca_crt_debian
else
  echo "Unsupported OS distribution $os_distribution."
fi

curl -I ${test_url}
echo "Success: Installation and test of trusted ca cert is complete."
Retrieved from "https://tech.uvoo.io/index.php?title=Trusted_ca_store_in_Linux&oldid=4749"