Getting SSL Certificates to be trusted by OpenSSL and related tools

compared with
Current by NotSupportContact-Mark Carey
on Jul 15, 2011 11:46.

This line was removed.
This word was removed. This word was added.
This line was added.

Changes (1)

View Page History
Groundwork ships with its own copy of OpenSSL. As with every copy of OpenSSL, no certificates are installed in the trusted certificate store. If you wish OpenSSL or tools built against it to trust any certificate or CA(Certificate Authority) you will need to install them to the trusted certificate store.

Copy your certificates to /usr/local/groundwork/common/openssl/certs. If the certificates were signed by a CA(e.g., Verisign, GoDaddy, Comodo, Self-Signed CA, etc.), then the entire certificate chain must be copied here as well. Certificates must be pem formatted and have the .pem extension. Then run c_rehash:
{code:title=run as root}/usr/local/groundwork/common/bin/c_rehash{code}
This will create a symbolic link to each certificate using the hash of the certificate has the link name with a {{.0}} (zero) as the extension. OpenSSL and tools built against it will now recognize these certificates as trusted.