Questions and Answers : Unix/Linux : Update IdenTrust DST Root CA X3 certificate on older FreeBSD
Message board moderation
Author | Message |
---|---|
Send message Joined: 7 Nov 17 Posts: 29 Credit: 13,770,308 RAC: 278 |
IdenTrust DST Root CA X3 certificate, is expired 30.09.2021. For older systems FreeBSD (eg 10) is no longer supported. Dirty method for renewing certificates. 1. Download from site https://curl.se/ca/cacert.pem https://curl.se/docs/caextract.html on over other computer. 2. Move cacert.pem to your computer 3. cp -p cacert.pem cacert.crt 4. cp -p cacert.crt ca-root-nss.crt 5. cp -p /usr/local/share/certs/ca-root-nss.crt /usr/local/share/certs/ca-root-nss-old1.crt (make copy old file) 6. cp -p ca-root-nss.crt /usr/local/share/certs/ 7. Restart your computer 8. If file ca-root-nss.crt exists in other place - update then his... If you additionally use your own valid "Class 1" certificates, do not forget to connect them too. For supported FreeBSD systems (e.g. 11, 12, 13). Just update the ports and reinstall the ca_root_nss port ( /usr/ports/security/ca_root_nss ). Info: https://scotthelme.co.uk/lets-encrypt-old-root-expiration/ |
©2024 ©2024 Progger & Stefano Tognon (ice00) & Reese