नमस्ते

Today I am going to show you how to add a self signed certificate to the list of trusted certificates in fedora.

I was trying to install some packages on fedora and was getting SSL errors while I was connected to my university WiFi (which makes use of self signed certificate). In order to connect to my university WiFi, I need to accept and add a self-signed certificate to list of trusted certificates.

Note: Remember that adding self-signed certificates to list of trusted certificates is not recommended unless no other option is available.

We can add and trust the certificate from browser if you just want to browse the internet. But if you want connection in the complete environment i.e., terminal, browser, apps, etc. you can follow the steps mentioned below.

First we need to download the self-signed certificate from the WiFi portal or the web. For me, the certificate is available on my university intranet.

Step 1: Copy the self signed certificate to trusted certificates folder.

sudo cp /path/to/certificate.cer /etc/pki/ca-trust/source/anchors/

Remember to replace ‘/path/to’ with the folder in which your certificate is downloaded.

Step 2: Update list of trusted certificates

sudo update-ca-trust

Now you can connect to the internet via browser, terminal and other applications.

Thanks to ‘puiterwijk’ on IRC #fedora-admin on Freenode.

P.S.: Never do online transaction or other sensitive transactions on public WiFi.

Let the Windows be open, and feel the Freedom.

Advertisements

4 thoughts on “[Fedora] Add self signed certificate to list of trusted certificates

  1. For anyone who happens across this, this is *extremely* bad and dangerous advice. This tells your system to trust the self-signed cert in question *as a CA cert*, meaning you would also trust any certificate *signed by* that certificate. Which is a terrible idea. Don’t do this. Just don’t.

    Like

    1. Hi, Maybe you did not see the Bold *Note* at the beginning of the post. I presume that the comment was made just by looking at the title and not the content. I am not encouraging anyone to randomly add any certificate to their system. This is just a way that they can use the internet in this scenario where the university provides their own certificate. I have already asked on Fedora channel and I know that it is not recommended but possible and it is up to the user to do so.

      Like

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s