Install a Root CA in the Linux Trust Store (Ubuntu, Debian, RHEL, SUSE) скачать в хорошем качестве

Install a Root CA in the Linux Trust Store (Ubuntu, Debian, RHEL, SUSE)

In this step-by-step Linux tutorial, we install and remove an internal Root CA certificate in the Linux trust store for Ubuntu, Debian, RHEL, and SUSE so your servers and clients trust certificates issued by your organization’s PKI. Using an Active Directory–joined lab, I walk through how to: • Test SSL/TLS connections with curl before and after adding a root CA • Install a Root CA on Ubuntu & Debian with update-ca-certificates • Install a Root CA on openSUSE & SLES using /etc/pki/trust/anchors and trust list • Install a Root CA on Red Hat Enterprise Linux and Oracle Linux with update-ca-trust • Verify trust with curl, trust list, and the system CA bundle • Cleanly uninstall the Root CA on each platform • Understand the difference between the system trust store and Firefox’s browser certificate store and how to import your CA into Firefox If you run internal HTTPS sites, appliances, or APIs with an enterprise CA (AD CS / internal PKI), this is a must-have step for getting Linux to trust your certificates and eliminating noisy SSL warnings. ⏱ What this video covers: • Why Linux needs your internal Root CA • Converting/exporting the root certificate to PEM .crt • Copying the Root CA from a Windows CA to Linux (scp) • Paths for CA installation: o Ubuntu/Debian: /usr/local/share/ca-certificates o openSUSE/SLES: /etc/pki/trust/anchors o RHEL/Oracle Linux: /etc/pki/ca-trust/source/anchors • Updating trust stores with update-ca-certificates and update-ca-trust • Importing the Root CA into Firefox so browser warnings go away 👍 If this helps you clean up SSL errors in your lab or production, please like, subscribe, and share with another IT pro. #Linux #TrustStore #CertificateAuthority #SysAdmin #PKI #CyberSecurity #LinuxTutorial Applies to: ✅ Ubuntu, Debian, RHEL, SUSE Commands and Scripts (PowerShell & BASH) GitHub: https://github.com/DariensTips/Instal... Chapters: 0:00 Introduction 0:39 Install Root CA: Ubuntu — Debian 2:12 Uninstall Root CA: Ubuntu — Debian 2:40 Install Root CA: OpenSUSE — SLES 3:33 Uninstall Root CA: OpenSUSE — SLES 4:02 Install Root CA: Red Hat Enterprise Linux 4:47 Uninstall Root CA: Red Hat Enterprise Linux 5:03 Note about Internet Browsers 6:02 Thank you for watching 6:25 Links & Resources Links & Resources: https://access.redhat.com/solutions/5... https://documentation.ubuntu.com/serv... https://forums.opensuse.org/t/how-to-... https://www.baeldung.com/linux/instal... Glossary: PKI = Public Key Infrastructure — Framework for managing digital certificates, encryption keys, and trust relationships in an organization. CA = Certificate Authority — Trusted entity that issues and signs digital certificates to establish identity and enable secure connections. SAN = Subject Alternative Name — X.509 certificate extension that allows multiple hostnames, IP addresses, or domains to be secured by one certificate. AD = Active Directory — Microsoft directory service that manages users, computers, and security policies in Windows domains. PEM = Privacy Enhanced Mail — Base64‑encoded certificate format with headers like -----BEGIN CERTIFICATE-----, widely used in Linux trust stores. DER = Distinguished Encoding Rules — Binary encoding format for X.509 certificates, often seen with .der or .cer extensions. CRT = Certificate file (X.509 format) — Common Linux convention for PEM‑encoded certificates with a .crt extension. CSR = Certificate Signing Request — File generated when requesting a certificate from a CA, containing public key and identifying information. Related videos and Playlists:    • Linux      • Active Directory Certificate Services (ADCS)