[CentOS] Adding CA/Root SSL / TLS Certificate, HTTPS

Wed Jan 16 06:53:47 UTC 2013
Bry8 Star <bry8star at yahoo.com>

THANKS John Doe, ( per your instruction after adding 'www', download now
succeeds :) i should have thought about it earlier :( )

How to manually add new root cert inside cert8.db or cert9.db file ? (
in /etc/pki/nssdb folder )

and How to manually add new root cert inside ca-bundle.trust.crt or
ca-bundle.crt file ? ( in /etc/pki/tls/certs folder )

-- Bright Star.

John Doe:
> From: Bry8 Star <bry8star at yahoo.com>
>> Using "wget", i'm trying to securely(HTTPS) get gpg keys/files from
>> https://fedoraproject.org/keys site, which is using root I have
>> tried: wget https://fedoraproject.org/static/DE7F38BD.txt But
>> 'wget' showed following warning, its not able to verify cert & 
>> failing to download file over HTTPS : [wget msg] ... Connecting to
>> fedoraproject.org||:443... connected. ERROR: certificate
>> common name *.fedoraproject.org fedoraproject.org To connect to
>> fedoraproject.org insecurely, use --no-check-certificate. [end of
>> wget msg]
> The certificate is a wildcard (for *.) and wget seems to expect a
> hostname like "something.fedoraproject.org" So either follow wget
> advice to not check the certificate, or just put something like
> "www." in front... wget
> https://www.fedoraproject.org/static/DE7F38BD.txt
> JD _______________________________________________ CentOS mailing
> list CentOS at centos.org 
> http://lists.centos.org/mailman/listinfo/centos

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 195 bytes
Desc: OpenPGP digital signature
URL: <http://lists.centos.org/pipermail/centos/attachments/20130116/4274e3a5/attachment-0004.sig>