You are not logged in.
Hello,
to access an internal gitlab server, i need to install their ca certification, but i am not able to install it properly.
I have already downloaded the cert and can use it successfully if I use curl's cacert flag like this:
curl --cacert /etc/ca-certificates/trust-sources/blabla.crt -vs https://some-gitlab.com
but as soon as I remove the --cacert flag I get this error:
SSL certificate problem: unable to get local issuer certificate
When i run "trust list" I can see my entry. The only difference to all other entries is that the category is "other entry" instead of "authority".
Steps I have already tried:
"trust anchor --store path/to/cert"
"trust extract-compat"
"update-ca-trust"
"update-ca-trust enable"
"update-ca-trust extract"
Manually placing the cert into /etc/ca-certificates/trust-sources/ and running "trust extract-compat" again
As I understand it, the certificate must be available in /etc/ssl/certs/ca-certificates.crt, which is a symlink to /etc/ca-certificates/extracted/tls-ca-bundle.pem
One thing I haven't tried yet was to make tls-ca-bundle.pem writable and append the cert manually because that didn't seem like the right thing to do.
Can someone tell my what I am doing wrong?
EDIT
apparently my cert was present in /etc/ca-certificates/extracted/tls-ca-bundle.pem so all i did to get everything working was deleteing /etc/ssl/certs/ca-certificates.crt and create the symlink again so now the cert was also in /etc/ssl/certs/ca-certificates.crt and everything is working now.
Last edited by FlorianRaith (2020-04-30 21:08:27)
Offline