
How to trust self-signed SSL/TLS certificates on Linux

How to enable system-wide trust for self-signed SSL/TLS certificates on Linux, useful for private Docker registries and internal services.

To add a self-signed CA certificate to the system trust store on RHEL/CentOS, create a symlink to your certificate in the anchors directory and then run update-ca-trust. After that, tools like curl will trust the certificate without requiring the --insecure flag.

For the private Docker registry, create the symlink:

ln -s /etc/pki/tls/certs/docker-registry-ca.crt /etc/pki/ca-trust/source/anchors/
update-ca-trust
curl -v https://localhost:5000
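
A certificate in the anchors directory is trusted system-wide, so it is worth checking the file before linking it. The script below is an added example, not part of the original post: `check_anchor` and `make_sample_cert` are hypothetical helper names, it assumes the openssl CLI is installed, and it runs on constructed test certificates rather than the real docker-registry-ca.crt.

```shell
#!/bin/sh
# Added example (not from the original post): vet a certificate before it
# becomes a system-wide trust anchor. Requires the openssl CLI.

# check_anchor FILE: print subject/expiry/fingerprint; return 0 only if the
# file parses, is unexpired, is marked CA:TRUE, and is not group/world-writable.
check_anchor() {
    crt=$1; rc=0
    if ! openssl x509 -in "$crt" -noout 2>/dev/null; then
        echo "FAIL: not a PEM X.509 certificate: $crt"; return 1
    fi
    # -checkend 0 exits non-zero when the certificate has already expired.
    openssl x509 -in "$crt" -noout -checkend 0 >/dev/null ||
        { echo "FAIL: certificate has expired"; rc=1; }
    # A trust anchor should be a CA certificate, not a leaf.
    openssl x509 -in "$crt" -noout -text | grep -q 'CA:TRUE' ||
        { echo "FAIL: basicConstraints is not CA:TRUE"; rc=1; }
    # With a symlinked anchor, whoever can write the target controls system
    # trust; ls -L follows the link so the target's mode is what gets checked.
    perms=$(ls -Ll "$crt" | cut -c1-10)
    case $perms in
        ?????w*|????????w*) echo "FAIL: group/world-writable ($perms)"; rc=1 ;;
    esac
    # Compare this fingerprint out-of-band with the certificate owner's copy.
    openssl x509 -in "$crt" -noout -subject -enddate -fingerprint -sha256
    return $rc
}

# make_sample_cert DIR NAME TRUE|FALSE: constructed self-signed test
# certificate (hypothetical helper; stands in for docker-registry-ca.crt).
make_sample_cert() {
    printf '%s\n' '[req]' 'distinguished_name=dn' 'x509_extensions=ext' \
        'prompt=no' '[dn]' "CN=$2" '[ext]' "basicConstraints=critical,CA:$3" \
        > "$1/$2.cnf"
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 -config "$1/$2.cnf" \
        -keyout "$1/$2.key" -out "$1/$2.crt" 2>/dev/null &&
        chmod 644 "$1/$2.crt"
}

# Demo on constructed input: the CA:TRUE certificate passes, CA:FALSE does not.
demo_dir=$(mktemp -d)
for kind in TRUE FALSE; do
    make_sample_cert "$demo_dir" "sample-$kind" "$kind" || break
    check_anchor "$demo_dir/sample-$kind.crt" || echo "=> rejected as anchor"
done
rm -rf "$demo_dir"
```

On a real host, run `check_anchor /etc/pki/tls/certs/docker-registry-ca.crt` and proceed with the symlink only when it returns 0.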

RPM spec:

Requires: /usr/bin/update-ca-trust
Requires: ca-certificates

This post is licensed under CC BY 4.0 by the author.