Home > Backend Development > Golang > Where Do Linux Systems Find Their TLS Root Certificate Authority Certificates?

Where Do Linux Systems Find Their TLS Root Certificate Authority Certificates?

DDD
Release: 2024-12-19 17:46:09
Original
216 people have browsed it

Where Do Linux Systems Find Their TLS Root Certificate Authority Certificates?

Where Are Certificates Acquired for TLS Root CAs on Linux?

According to crypto/tls.Config.RootCAs, which defines the set of trusted root certificate authorities (CAs), the host's root CA set is used for verification when RootCAs is nil. Understanding the process of acquiring these certificates enables administrators to trust additional root CAs.

On Linux systems, TLS checks several locations in sequence to obtain the host's root CA set:

  • /etc/ssl/certs/ca-certificates.crt (Debian/Ubuntu/Gentoo)
  • /etc/pki/tls/certs/ca-bundle.crt (Fedora/RHEL 6)
  • /etc/ssl/ca-bundle.pem (OpenSUSE)
  • /etc/pki/tls/cacert.pem (OpenELEC)
  • /etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem (CentOS/RHEL 7)
  • /etc/ssl/cert.pem (Alpine Linux)

If any of these files exist, TLS will use the certificates contained within to build the host's root CA set. This understanding allows for seamless management of trusted CAs by administering these files as needed.

The above is the detailed content of Where Do Linux Systems Find Their TLS Root Certificate Authority Certificates?. For more information, please follow other related articles on the PHP Chinese website!

source:php.cn
Statement of this Website
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Popular Tutorials
More>
Latest Downloads
More>
Web Effects
Website Source Code
Website Materials
Front End Template