[CentOS] Adding CA/Root SSL / TLS Certificate, HTTPS
bry8star at yahoo.com
Tue Jan 15 06:26:36 UTC 2013
I need to add my own and other/new self-signed ca/root cert in CentOS
pki database/system, for all/most type of apps to use.
Using "wget", i'm trying to securely(HTTPS) get gpg keys/files from
https://fedoraproject.org/keys site, which is using root cert with
CN = GeoTrust Global CA
O = GeoTrust Inc.
I have tried:
But 'wget' showed following warning, its not able to verify cert &
failing to download file over HTTPS :
[wget msg] ...
Connecting to fedoraproject.org|184.108.40.206|:443... connected.
ERROR: certificate common name *.fedoraproject.org
To connect to fedoraproject.org insecurely, use --no-check-certificate.
[end of wget msg]
rpm --import https://fedoraproject.org/static/DE7F38BD.txt
but no new gpg key inside
the /etc/pki/rpm-gpg directory
HOW TO MANUALLY ADD CA/ROOT CERT IN CENTOS ?
(as I need to add OTHER self-signed root cert in CentOS pki database,
for all apps to use).
so that wget, rpm or other apps can use them without warning.
if a self-signed CA/root cert is added in
then would it allow apps which use nssdb, to use the new root cert
how to manually add new root cert inside cert8.db or cert9.db ?
is it using sqlite ?
and, if a self-signed CA/root cert is added inside
then would that allow apps which use it to automatically use this/these
what apps can be used to manually add more CA/root certs in those bundles ?
can OpenSSL or GnuTLS be used to print out root cert in the format
(compatible with and) which can be added inside those CA-bundles ?
Thank you (in advance),
-- Bright Star.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 195 bytes
Desc: OpenPGP digital signature
More information about the CentOS