OpenSSL: Add certificate to the OpenSSL trustbase

1. # You can test whether your desired certificate is trusted by OpenSSL
2. # with the following command
3.  
4. openssl verify file.crt
5.  
6. # You will get an error for self-signed certificates or certificates,
7. # signed by an issuer not known by OpenSSL, e.g.
8. # error 20 at 0 depth lookup:unable to get local issuer certificate
9.  
10. # You can add your certificate to the OpenSSL trustbase as administrator (user root)
11.  
12. # First check the OpenSSL installation base:
13. openssl version -d
14.  
15. # You will see something like
16. # OPENSSLDIR: "/etc/ssl"
17.  
18. # Change to the OpenSSL certs directory
19. cd /etc/ssl/certs
20.  
21. # Copy your certificate file in this directory
22. cp /path-to/file.crt file.pem
23. chmod 644 file.pem
24.  
25. # Now get the subject hash of your certificate data
26. openssl x509 -noout -hash -in file.pem
27.  
28. # You will see a hash value, like e.g.
29. # a35307e4
30.  
31. # Create a hash specific symbolic link for your certificate file
32. ln -s file.pem a35307e4.0
33.  
34.  
35. # Now you can verify your certificate
36. openssl verify file.crt
37.  
38. # The result should look similar to the following line
39. # file.crt: OK