Page tree

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

If the CA certificates did not exists on the server, you may need to manually store add the CA certificates in the system certificate directory.

Note

Ubuntu is very good at keeping an updated list of recognized and certified CAs. As long as the certificate exists, let the OS manage this and skipping to the nexst section, Storing Public and Private Keys.

Code Block
languagebash
sudo chmod root:root
sudo mv *.pem /ect/ssl/certs
Warning

I noticed that this folder actually contains symbolic links generally to /usr/share/ca-certificates/.

I also believe the symbolic links are generated by the command sudo dpkg-reconfigure ca-certificates.

There is also an entry etc/apache2/sites-available/default-ssl that reads,

"update the hash symlinks after changes"

Why is this done this way? I do not know. I am guessing that this is for having multiple applications trust the cert store. Still need to research this more.

or import to the Ubuntu Certificate Repository.

In the case of the Select CA part of this tutorial the CA certificates were found and identified in the Ubuntu Certificate Repository.

Storing Public and Private Keys

...