SSL Certificate Management in slackware
by John Lumby from LinuxQuestions.org on (#6PT0N)
I am looking for information specific to Slackware 15 (or current) on how to manage and in particular install SSL certificates.
My particular task is to make my dovecot self-signed server certificate, /etc/pki/dovecot/certs/dovecot.pem
trusted by thunderbird (running on same slackware system).
In one other distro I was able to run
Code:trust anchor --store /etc/pki/dovecot/certs/dovecot.pemand this stored the cert somewhere (I forget where) such that thunderbird would find it.
slackware provides the trust command, but the response was
Quote:
At this point, my ignorance left me stuck, as I don't know which Quote:
is supposed to already exist and hold certificate anchors. I looked around a bit and can't find anything except these two directories :
/usr/share/ca-certificates/mozilla
/etc/ssl/certs
all files in the second dir apparently end up resolving via sym links to the first one.
I also found references to adding the cert manually and running a command named update-ca-trust, which sounded promising, except that on my slackware system there is no executable named update-ca-trust ...
So I resorted to RTFM --- I found
/usr/doc/Linux-HOWTOs/SSL-Certificates-HOWTO
which covers exactly the ground I need to deal with, but which turns out to be hopelessly out-of-date -- e.g. it claims that all certs are located in /var/ssl , but this directory does not exist on my slackware, and doesn't tell me a command to use for my task.
This document tells me the current version is at
https://tldp.org/HOWTO/SSL-Certifica...WTO/index.html
but the version there is the same version as the file and also out-of-date.
So :
1. can any kind slacker tell me the exact set of commands I need to run to have my dovecot.pem trusted (by thunderbird is sufficient)
2. for bonus points, can anyone describe or point me to a current outline of certificate management in slackware 15, including locations of certs and commands to be used
My particular task is to make my dovecot self-signed server certificate, /etc/pki/dovecot/certs/dovecot.pem
trusted by thunderbird (running on same slackware system).
In one other distro I was able to run
Code:trust anchor --store /etc/pki/dovecot/certs/dovecot.pemand this stored the cert somewhere (I forget where) such that thunderbird would find it.
slackware provides the trust command, but the response was
Quote:
| p11-kit: no configured writable location to store anchors |
| configured writable location |
/usr/share/ca-certificates/mozilla
/etc/ssl/certs
all files in the second dir apparently end up resolving via sym links to the first one.
I also found references to adding the cert manually and running a command named update-ca-trust, which sounded promising, except that on my slackware system there is no executable named update-ca-trust ...
So I resorted to RTFM --- I found
/usr/doc/Linux-HOWTOs/SSL-Certificates-HOWTO
which covers exactly the ground I need to deal with, but which turns out to be hopelessly out-of-date -- e.g. it claims that all certs are located in /var/ssl , but this directory does not exist on my slackware, and doesn't tell me a command to use for my task.
This document tells me the current version is at
https://tldp.org/HOWTO/SSL-Certifica...WTO/index.html
but the version there is the same version as the file and also out-of-date.
So :
1. can any kind slacker tell me the exact set of commands I need to run to have my dovecot.pem trusted (by thunderbird is sufficient)
2. for bonus points, can anyone describe or point me to a current outline of certificate management in slackware 15, including locations of certs and commands to be used