- Copy or SFTP certificate to machine
- Go to /usr/local/share/ca-certificates/
- Create a new folder, i.e. "sudo mkdir my-cert"
- Copy the .crt file into the my-cert folder
- Make sure the permissions are OK (
755
for the folder,644
for the file) - Run
sudo update-ca-certificates
- Copy file
/etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem
to local folder. - Append PEM to end of file.
- Mount using
./cert/tls-ca-bundle.pem:/etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem
Note:
/etc/ssl/certs/ca-bundle.crt
is a symlink to/etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem
-
Windows-only:
JAVA_OPTS=-Djavax.net.ssl.trustStore=C:\\Windows\\win.ini -Djavax.net.ssl.trustStoreType=Windows-ROOT`` (file is ignored when
trustStoreTypeis
Windows-ROOT`) -
Certificate need to be added to Java Keystore
keytool -import -trustcacerts -keystore $JAVA_HOME/jre/lib/security/cacerts -storepass changeit -noprompt -alias my-ca -file /mnt/d/SSL-Trust-2018.crt
# Possible location of cacerts
# /usr/lib/jvm/java-8-openjdk-amd64/jre/lib/security/cacerts
# /usr/lib/jvm/jre/lib/security/cacerts
Note: If using Docker, copy the
cacerts
and add tokeytool
to append the certificate and mount the file using./cert/cacerts:/usr/lib/jvm/jre/lib/security/cacerts
.
python -m pip install --upgrade pip --cert SSL-Trust-2018.crt
pip --trusted-host pypi.org --trusted-host files.pythonhosted.org install XXX
Legacy host:
pypi.python.org
require('https').globalAgent.options.rejectUnauthorized = false
NODE_TLS_REJECT_UNAUTHORIZED=0
SET NODE_EXTRA_CA_CERTS=/path-to-extra.crt
npm config set strict-ssl false
This will update the file in
$HOME/.npmrc
TBD: npm set ca null
git -c http.sslVerify=false clone ...
For global disable:
git config --global http.sslVerify false
Put cert into /etc/ssl/certs/
export SSL_CERT_FILE=/etc/ssl/certs/SSL-Trust-2018.crt
or
Use -k
flag.
Apply fix for curl
.
Append strict-ssl=false
to
%LOCALAPPDATA%\.meteor\packages\meteor-tool\1.xxx\mt-os.windows.x86_64\dev_bundle\lib\node_modules\npm\npmrc
~/.meteor/packages/meteor-tool/1.xxx/mt-os.linux.x86_64/dev_bundle/lib/node_modules/npm/npmrc
EXPORT NODE_TLS_REJECT_UNAUTHORIZED=0