...
| Panel |
|---|
/etc/ssl/private/ # Only view-able by root and a good the standard location for the private keys |
Store the CA certificates into the publicly view-able folder,
| Code Block | ||
|---|---|---|
| ||
sudo mv *.pem /ect/ssl/certs sudo mv *.crt /etc/ssl/certs |
| Warning |
|---|
I noticed that this folder actually contains symbolic links generally to /usr/share/ca-certificates/. I also believe the symbolic links are generated by the command sudo dpkg-reconfigure ca-certificates. There is also an entry etc/apache2/sites-available/default-ssl that reads, "update the hash symlinks after changes" Why is this done this way? I do not know. I am guessing that this is for having multiple applications trust the cert store. Still need to research this more. |
Store the private key into the protected folder,
...