HOW TO IMPORT CUSTOM CERTIFICATE TO CERTIFICATE STORAGE IN DEBIAN LINUX

Say you are trying to install software and receive message from the operating system about untrusted certificate in certificate chain.
In such case you need to import certificate of the middle-man organization into the Linux certificate storage to make things happen.

If for some reason your third-party certificate comes in DER binary format, you should convert it to CRT format:

openssl x509 -inform DER -in certificate.der -out certificate.crt

Copy to storage:

sudo cp certificate.crt /usr/local/share/ca-certificates/my-custom-ca/

Do not forget to install [Midnight Commander] to make file management operations a bit easier:

sudo apt-get install mc

Update cert storage:

sudo update-ca-certificates

To check installed cert [exact name without extension]:

ls /etc/ssl/certs | grep certificate 

If everything is OK utility should display full name of certificate with extension.

If you removed any certificates from the storage and would like to refresh the storage:

sudo update-ca-certificates --fresh

That’s it for today, catch me around!

---