Trusting an CA certificate - Fedora Support Forums and Community
Results 1 to 3 of 3
  1. #1
    Join Date
    Nov 2011

    Trusting an CA certificate


    I'm using Fedora 19.

    I'm not very experienced with this all certificate business, but I want to make some warnings disappear.

    I'm connecting (with fetchmail) to on `imaps` port via SSL, and I'm getting their SSL certificate. I'd like to enforce a proper validation of this certificate by trusting its CA. I've found that their CA is named "DigiCert High Assurance CA-3", but Fedora 19 seems to only include DigiCert High Assurance CA-0. So I've navigated to DigiCert's website to got the required certificate (I hope). I've translated the .crt format to .pem format by using this command:

    $ openssl x509 -inform DES -in DigiCertHighAssuranceCA-3.crt -out DigiCertHighAssuranceCA-3.pem -text
    I've copied DigiCertHighAssuranceCA-3.pem to /etc/pki/tls/certs and I've run:

    $ sudo c_rehash .
    Doing .
    DigiCertHighAssuranceCA-3.pem => 02b2d53d.0
    Unfortunately, fetchmail still shows me an SSL error. I'm sure I've missed something, but any guides that I find on the Internet for other distros doesn't apply for Fedora 19, because F19 seems to have changed its certificate management.

    I'm too green to figure out the proper solution to my problem :)

    Could anyone help?

  2. #2
    Join Date
    Jun 2010

    Re: Trusting an CA certificate

    Look here:
    Hope it can help.

    ---------- Post added at 11:57 AM ---------- Previous post was at 11:52 AM ----------

    There is a README: /etc/pki/ca-trust/source/README
    QUICK HELP: To add a certificate in the simple PEM or DER file formats to the
                list of CAs trusted on the system:
                Copy it to the
                subdirectory, and run the
                If your certificate is in the extended BEGIN TRUSTED file format,
                then place it into the main source/ directory instead.

  3. #3
    Join Date
    Nov 2011

    [SOLVED] Re: Trusting an CA certificate

    It worked!

    Thank you!

Similar Threads

  1. Can't install Software after trusting key?
    By Farmboy87 in forum Using Fedora
    Replies: 2
    Last Post: 5th September 2010, 12:12 PM
  2. Replies: 0
    Last Post: 4th September 2008, 12:42 AM

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts