Add CA cert to local trust store on CentOS, Debian or Ubuntu

add CA cert on CentOS Debian Ubuntu.md

• Open a webpage that uses the CA with Firefox
• Click the lock-icon in the addressbar -> show information -> show certificate
• the certificate viewer will open
• click details and choose the certificate of the certificate-chain, you want to import to CentOS
• click "Export..." and save it as .crt file
• Copy the .crt file to /etc/pki/ca-trust/source/anchors on your CentOS machine
• run update-ca-trust extract
• test it with wget https://thewebsite.org

On debian and ubuntu the directory is /usr/local/share/ca-certificates/ and the command to update is update-ca-certificates

At least on ubuntu:
Be sure that the filename ends with .crt and that its content starts with -----BEGIN CERTIFICATE----- and ends with -----END CERTIFICATE-----

Excellent post!! thanks.

For self-signed certs on dev laptops, don't forget to restart your web browser (chrome) so it can see the changes you just made to CentOS.

How about CentOS?

excellent post !! Thanks so much

[CentOS] Firefox will offer to download the full-chain of certificates as a PEM file. Choose that option, copy the downloaded PEM file into /etc/pki/ca-trust/source/anchors, run sudo update-ca-trust extract, and this also updates the CA trust certificate stores (which use /etc/pki/ca-trust files).

"Be sure that the filename ends with .crt"
Just saved me hours. Thank mate.