Make CA Certificate trusted in Ubuntu

add_CA_certificate_ubuntu.md

Make certificates trusted in Ubuntu

• Create selfsigned directory on /usr/share/ca-certificates/
• Copy your company.crt file to the /usr/share/ca-certificates/selfsigned
• Run sudo dpkg-reconfigure ca-certificates, hit yes to accept all certificates inside ca-certificates folder
• Search you certificate in the list and press space to select it, after this press enter to add the certificates

Teste with CURL

• Using curl -I https://youdomain.com before add the certificate you get:

curl: (60) SSL certificate problem: self signed certificate
More details here: https://curl.haxx.se/docs/sslcerts.html

curl failed to verify the legitimacy of the server and therefore could not
establish a secure connection to it. To learn more about this situation and
how to fix it, please visit the web page mentioned above.

• After add the certificate using dpkg-reconfigure you get:

Add to Chrome accept your self-signed certificate

If you don't have the certutil command, you should be install libnss3-tools running this:

sudo apt-get install libnss3-tools

To add the certificate, run the command:

certutil -d sql:$HOME/.pki/nssdb -A -t "P,," -n MYFILENAME -i /my_cert_dir/mycertificate.crt

Check if the certificate works with this command certutil -d sql:$HOME/.pki/nssdb -L You can see the certificate:

$ certutil -d sql:$HOME/.pki/nssdb -L

Certificate Nickname                                         Trust Attributes
                                                             SSL,S/MIME,JAR/XPI

MYFILENAME                                                   P,,