Last active
September 18, 2020 08:33
-
-
Save pit/44ac940812de93417b6efa3bf32f43aa to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
apt update | |
apt install -y --no-install-recommends apt-transport-https ca-certificates curl | |
cd /tmp | |
rm /tmp/*.pem | |
curl -LO https://www.websecurity.symantec.com/content/dam/websitesecurity/support/digicert/thawte/ica/Thawte_TLS_RSA_CA_G1.pem | |
curl -LO https://www.websecurity.symantec.com/content/dam/websitesecurity/support/digicert/thawte/ica/Thawte_RSA_CA_2018.pem | |
curl -LO https://www.websecurity.symantec.com/content/dam/websitesecurity/support/digicert/thawte/ica/Thawte_EV_RSA_CA_2018.pem | |
cp /tmp/*.pem /etc/ssl/certs/ | |
# When will ask for certificates to enable choose all with Digicert/Thawte in their names | |
dpkg-reconfigure ca-certificates | |
# One line by one, when will ask for override - say yes | |
sudo keytool -import -trustcacerts -storepass changeit -file ./Thawte_RSA_CA_2018.pem -alias Thawte_RSA_CA_2018_v2 -keystore /etc/ssl/certs/java/cacerts | |
sudo keytool -import -trustcacerts -storepass changeit -file ./Thawte_EV_RSA_CA_2018.pem -alias Thawte_EV_RSA_CA_2018_v2 -keystore /etc/ssl/certs/java/cacerts | |
sudo keytool -import -trustcacerts -storepass changeit -file ./Thawte_TLS_RSA_CA_G1.pem -alias Thawte_TLS_RSA_CA_G1_v2 -keystore /etc/ssl/certs/java/cacerts | |
sudo keytool -import -trustcacerts -storepass changeit -file ./DigiCertGlobalRootCA.pem -alias DigiCertGlobalRootCA_v2 -keystore /etc/ssl/certs/java/cacerts | |
sudo keytool -import -trustcacerts -storepass changeit -file ./DigiCertHighAssuranceEVRootCA.pem -alias DigiCertHighAssuranceEVRootCA_v2 -keystore /etc/ssl/certs/java/cacerts | |
sudo keytool -import -trustcacerts -storepass changeit -file ./DigiCert_Global_Root_G2.pem -alias DigiCert_Global_Root_G2_v2 -keystore /etc/ssl/certs/java/cacerts | |
update-ca-certificates |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment