...
Download CA Certificates
You may also need the CA's certificates .which can be downloaded from StartSSL,
| Panel |
|---|
Toolbox, StartCom CA Certificates: Download "StartCom Root CA (PEM encoded)" |
It is recommend to change the ca.pem file to include the CA's brand or name, such as, StartSSL_Root_CA.pem.
However, you will want to check if the file already exists as part of the operating system. In the case of Ubuntu, the default location, /etc/ssl/certs. The advantage is Ubuntu will manage the update of these files if they ever change.
| Code Block | ||
|---|---|---|
| ||
diff StartSSL_Root_CA.pem/etc/ssl/certs/StartCom_Certification_Authority.pem |
As seen above, since no data is returned from the diff command the files match exactly.
Download Intermediate Certificates
In some cases you will may also need the intermediate certificates.
...
Change the default sub.class1.server.ca.pem file to include the CA's brand or name such as, StartSSL_Sub_Class1_CA.pem.
However, you will want to check if the file already exists as part of the operating system. In the case of Ubuntu, the default location, /etc/ssl/certs. The advantage is Ubuntu will manage the update of these files if they ever change.
| Code Block | ||
|---|---|---|
| ||
diff StartSSL_Sub_Class1_CA.pem StartSSL_Sub_Class1_CA.pem |
As seen above, since no data is returned from the diff command the files match exactly.
Store Certificates in Protect Area
...
Store the CA certificates into the publicly view-able folder,
| Code Block | ||
|---|---|---|
| ||
chmod
sudo mv *.pem /ect/ssl/certs
sudo mv *.crt /etc/ssl/certs |
...