Re: Add a ca root to ca-certificates in WSL environment?
On Tue, Dec 14, 2021 at 9:17 AM Michael Loftis wrote: > > No special magic for the WSL Ubuntu install. You just apt-get install > ca-certificates on the WSL Ubuntu environment command line, drop the > pem certificate(s) in file(s) in /etc/ssl/certs, run > update-ca-certificates (as root, use sudo) and you're done. Just > make sure the pem's are globally readable. The new certificate(s) will > be included in /etc/ssl/certs/ca-certificates.crt and all system > packages use that as their trusted root certs, pretty sure it'll also > add the hash symlinks too. That decade (and a bit) old IR is long, > long, long closed. This will NOT affect any Windows based stuff. Ack, thanks. > If you need to have it packaged then you'll have to do your own > package, with a post-install hook. You shouldn't be > replacing/overriding the ca-certificates package. Thanks. Jeff -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Add a ca root to ca-certificates in WSL environment?
No special magic for the WSL Ubuntu install. You just apt-get install ca-certificates on the WSL Ubuntu environment command line, drop the pem certificate(s) in file(s) in /etc/ssl/certs, run update-ca-certificates (as root, use sudo) and you're done. Just make sure the pem's are globally readable. The new certificate(s) will be included in /etc/ssl/certs/ca-certificates.crt and all system packages use that as their trusted root certs, pretty sure it'll also add the hash symlinks too. That decade (and a bit) old IR is long, long, long closed. This will NOT affect any Windows based stuff. If you need to have it packaged then you'll have to do your own package, with a post-install hook. You shouldn't be replacing/overriding the ca-certificates package. On Mon, Dec 13, 2021 at 6:36 PM Jeffrey Walton wrote: > > Hi Everyone, > > I'm working on a Windows machine with Windows Subsystem Linux (WSL). > The machine hosts Ubuntu 20.04. We are having some TLS problems due to > an interception proxy. I need to add a CA root to the ca-certificates > package or store. > > I checked the Ubuntu wiki and found one article on ca-certificates at > https://wiki.ubuntu.com/IncidentReports/2011-09-20-ca-certificates-removes-libnss3. > > I'm Ok with dropping the root CA in the filesystem and running > c_rehash, if needed. I'm happy to use the method if that is > recommended. > > My question is, how would I go about adding a root CA to the machine's > trusted root store? > > Thanks in advance. > > -- > Ubuntu-devel-discuss mailing list > Ubuntu-devel-discuss@lists.ubuntu.com > Modify settings or unsubscribe at: > https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss -- "Genius might be described as a supreme capacity for getting its possessors into trouble of all kinds." -- Samuel Butler -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Add a ca root to ca-certificates in WSL environment?
Hi Everyone, I'm working on a Windows machine with Windows Subsystem Linux (WSL). The machine hosts Ubuntu 20.04. We are having some TLS problems due to an interception proxy. I need to add a CA root to the ca-certificates package or store. I checked the Ubuntu wiki and found one article on ca-certificates at https://wiki.ubuntu.com/IncidentReports/2011-09-20-ca-certificates-removes-libnss3. I'm Ok with dropping the root CA in the filesystem and running c_rehash, if needed. I'm happy to use the method if that is recommended. My question is, how would I go about adding a root CA to the machine's trusted root store? Thanks in advance. -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
