Local certificates

Systemwide certificates

To add a certificate (for example your or your organization's internal CA certificate) to the systemwide list of trusted certificates, place the new certificate in /usr/local/share/ca-certificates/.

root #mkdir -p /usr/local/share/ca-certificates/
root #cp path/to/my.crt /usr/local/share/ca-certificates/

Make sure users have necessary read access to the directory/certificates, or users won't trust them due to read failures. Also make sure untrusted users don't have write access!

Then either run

root #update-ca-certificates

or rebuild app-misc/ca-certificates with

root #emerge -1 app-misc/ca-certificates

to add the certificates to /etc/ssl/certs/.

Chromium

Chromium (like many other web browsers) do not use the systemwide CA certificate list.

You need to open chrome://settings/certificates then choose Authorities tab and import your CA certificate.

See also

This article is issued from Gentoo. The text is licensed under Creative Commons - Attribution - Sharealike. Additional terms may apply for the media files.