Well really it's not that big a deal but I just have to find fixes to these kind of things.
1. Open a TERMINAL window.
2. TYPE sudo apt-get install libnss3-tools (HIT ENTER).
3. Open GEDIT or any text editor and cut and paste the below text (in green and no blank lines at the top or bottom):
#!/bin/sh
#
# usage: import-cert.sh remote.host.name [port]
#
REMHOST=$1
REMPORT=${2:-443}
exec 6>&1
exec > $REMHOST
echo | openssl s_client -connect ${REMHOST}:${REMPORT} 2>&1 |sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p'
certutil -d sql:$HOME/.pki/nssdb -A -t TC -n "$REMHOST" -i $REMHOST
exec 1>&6 6>&-
4. Save this file in your HOME directory as import-cert.sh and close GEDIT.
5. Import your SSL by typing the following command into your TERMINAL window.
bash import-cert.sh YOUR.SERVER.NAME 443
6. Done!
NOTES: Replace YOUR.SERVER.NAME with your sever's fully quilitified domain name. If your server is using a different PORT (443 is default) then replace the 443 with whatever PORT your company uses. Make sure you can connect to YOUR SERVER (connect your VPN?)
Other useful certutil commands (TYPE them in a TERMINAL window):
List all certificates in your database:
certutil -L -d sql:$HOME/.pki/nssdb
To delete a certificate
certutil -d sql:$HOME/.pki/nssdb -D -n <certificate nickname>
Replace <certificate nickname> with the name displayed by the List Certificates command.
FULL CREDIT: The Bash Script is NOT mine. I did NOT write it, I found it on THIS SITE and it was written by Peter van der Does (according to the website). Follow the link and read his article for a description of what all this does.
No comments:
Post a Comment