You are not logged in.
I'm sure there's an answer to this somewhere, but I just haven't been able to find it. So I apologize if the answer is obvious and I've missed it anyway.
My problem is that I haven't been able to properly add a system-wide self-signed certificate. This is for development purposes in a Python virtual environment. Previously everything that was need was that I manually placed the needed certs in $VIRTUAL_ENV/lib/python3.x/site-packages/certifi/cacert.pem. However, this no longer seems to be the case.
Now I can get this working by manually adding the certs in /etc/ssl/certs/ca-certificates.txt. The problem with this is that this file seems to get overwritten during updates. However, I cannot figure out where to put certs so that they would be appended automatically or otherwise taken into account.
I've tried the following instructions: https://www.archlinux.org/news/ca-certificates-update/
Unfortunately that didn't help. I'm not sure if my file format is correct (originally a .pem file), but renaming the file doesn't seem to work.
Any help is appreciated!
Offline
See Trust a certificate authority system-wide:
trust anchor certificate.crt
See also [SOLVED] Can I trust self-signed SSL certificate?:
tl;dr Generate a certificate issued by own CA (see the script below)
Last edited by sabroad (2019-11-28 17:26:53)
--
saint_abroad
Offline
Thanks for your answer! Unfortunately this doesn't seem to work, at least not with Celery. I removed the said certificates from ca-certificates.crt and tried the method above. After restarting everything Celery jobs fail due to certficate problems. I'm not sure if I did everything correctly, but I get no feedback from the commands.
Last edited by The Unnamable (2019-11-29 07:47:20)
Offline
Following
trust anchor certificate.crtIs the certificate included in the list?
trust listThen, has the compat store been generated?
trust extract-compatAnd, does curl trust the connection?
curl https://localhost/--
saint_abroad
Offline