Update RHEL 7 CA Trusts

1- Verify current list of trusted CA's:

awk -v cmd='openssl x509 -noout -subject' ' /BEGIN/{close(cmd)};{print | cmd}' < /etc/ssl/certs/ca-bundle.crt

2- Copy certs into /etc/pki/ca-trust/source/anchors/:

cp /home/username/new-certs/* /etc/pki/ca-trust/source/anchors/

3- Update the CA trusts:

After copying the new certs into the anchors directory, run the update-ca-trust command.

update-ca-trust

4- Verify current list of trusted CA's:

awk -v cmd='openssl x509 -noout -subject' ' /BEGIN/{close(cmd)};{print | cmd}' < /etc/ssl/certs/ca-bundle.crt
By @Jean Figarella in [ pki ] Mon 21 December 2020
Tags :