Web lists-archives.com

Re: Correct way to install Intermediate certificates in Debian

On 13.04.2019 23:21, Tyler A wrote:
I found a temporary solution that at least lets me visit the sites in Firefox.

However this doesn't fix OpenSSL (thus things like curl, wget).

#!/usr/bin/env bash

sudo apt-get install libnss3-tools


wget -c "${downloadCerts[@]}"

for f in *.crt; do
    openssl x509 -inform der -outform pem -in "$f" -out "$fbasename".pem
    find ~ -name cert9.db -printf '%h\0' |
    while IFS= read -rd '' certDir; do
        certutil -A -n "${fbasename}" -t "TCu,Cuw,Tuw" -i "${fbasename}".pem -d sql:"$certDir"

This script imports certificates into Mozilla Firefox own NSS DB.
You can do the same procedure more easily in Firefox GUI with "Certificate Manager". ("Preferences" >> "Privacy & Security", click "View Certificates")

With kindest regards, Alexander.

⣾⠁⢠⠒⠀⣿⡁ Debian - The universal operating system
⢿⡄⠘⠷⠚⠋⠀ https://www.debian.org