From LedHed's Wiki

Overview

To make a Linux server trust an internal web server whose certificate is signed by an internal Root CA, follow these steps.


Steps

Export the Root CA Certificate

On an ADCS server you can do this by connecting to http://server/certsrv and clicking Download a CA certificate, certificate chain, or CRL. Then select the current CA certificate, click Base 64, and click Download CA certificate.

Copy the certificate to your Linux server

Copy the exported certificate file to your Linux server. The target directory on Debian-based distros is:

/usr/local/share/ca-certificates/

Note: The exported cert is an ASCII text file, so you can copy and paste the contents into a new file if that is easier.

Import the Private Root CA certificate

update-ca-certificates

Test

openssl s_client -connect www.domain.tld:443 -CApath /etc/ssl/certs
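
A pre-install check for the steps above, as an added example that is not part of the original wiki page: it confirms the exported file is a single Base 64 (PEM) self-signed CA certificate, prints its SHA-256 fingerprint for comparison with the value shown on the CA itself, and copies it into the trust directory under a .crt name. The function names, the file names and the optional destination argument are assumptions made for the example.

```shell
#!/bin/sh
# Added example, not from the original wiki page. Function names, file names
# and the optional destination argument are assumptions.

# check_root_ca FILE: succeed and print the SHA-256 fingerprint only if FILE
# holds exactly one PEM (Base 64) self-signed CA certificate.
check_root_ca() {
    cert=$1
    [ -r "$cert" ] || { echo "cannot read $cert" >&2; return 1; }
    # A DER export has no PEM header; a chain export has more than one.
    n=$(grep -c -- '-----BEGIN CERTIFICATE-----' "$cert" || true)
    [ "$n" -eq 1 ] || { echo "expected 1 PEM certificate, found $n" >&2; return 2; }
    text=$(openssl x509 -in "$cert" -noout -text 2>/dev/null) ||
        { echo "not a parsable X.509 certificate" >&2; return 3; }
    # Only a certificate marked as a CA belongs in the trust store.
    printf '%s\n' "$text" | grep -q 'CA:TRUE' ||
        { echo "basicConstraints is not CA:TRUE" >&2; return 4; }
    # A root is self-issued and its signature verifies under its own key.
    [ "$(openssl x509 -in "$cert" -noout -subject_hash)" = \
      "$(openssl x509 -in "$cert" -noout -issuer_hash)" ] &&
        openssl verify -CAfile "$cert" "$cert" >/dev/null 2>&1 ||
        { echo "not a self-signed root" >&2; return 5; }
    # Compare this value with the fingerprint shown on the CA itself.
    openssl x509 -in "$cert" -noout -fingerprint -sha256
}

# install_root_ca FILE NAME [DIR]: vet FILE, then copy it to DIR/NAME.crt.
# update-ca-certificates only picks up files whose names end in .crt.
install_root_ca() {
    dest=${3:-/usr/local/share/ca-certificates}
    check_root_ca "$1" >/dev/null || return
    install -m 0644 "$1" "$dest/$2.crt"
}

# Typical use as root (exported-root.cer and internal-root-ca are placeholders):
#   check_root_ca exported-root.cer        # compare the fingerprint first
#   install_root_ca exported-root.cer internal-root-ca && update-ca-certificates
#   openssl s_client -connect www.domain.tld:443 -CApath /etc/ssl/certs </dev/null
# A trusted chain ends with "Verify return code: 0 (ok)" in the s_client output.
```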


Reference

http://superuser.com/questions/437330/how-do-you-add-a-certificate-authority-ca-to-ubuntu