Adding Trusted Certificates to Ubuntu: A Step-by-Step Guide

Managing trusted certificates is a critical part of ensuring secure communication between your devices and servers.

In this guide, we’ll walk you through the process of adding certificates to the trusted authorities in Ubuntu, as well as incorporating them into Firefox for seamless browsing.

Step-by-Step Guide: Adding a Certificate to Ubuntu Trusted Authorities

Adding a certificate to Ubuntu’s trusted authorities ensures that applications running on the system can validate the authenticity of the certificate. Follow these steps:

1. Locate or Obtain the Certificate

Ensure you have the desired certificate in .crt  format. If you’re obtaining it from a website, use the following command to download it:

openssl s_client -showcerts -connect example.com:443 < /dev/null | openssl x509 -outform PEM > example.crt

Replace example.com with your desired domain.

Alternatively, you can install the certificate package with apt command, like this:

sudo apt install ca-certificates

2. Move the Certificate to the Trusted Directory

Copy the .crt file to the system’s trusted certificate directory:

sudo cp example.crt /usr/local/share/ca-certificates/

3. Update the Trusted Certificates

Run the following command to add the certificate to the trusted authorities:

sudo update-ca-certificates

You should see a message indicating the number of certificates added.

4. Verify the Certificate Installation

To verify that the certificate is trusted, you can check its presence in the system’s certificate store:

ls /etc/ssl/certs | grep example

How to Add a Certificate in Firefox

If you’re using Firefox, certificates must be manually imported into its trust store. Here’s how to do it:

1. Open Firefox Certificate Manager

1. Launch Firefox.
2. Navigate to Settings > Privacy & Security.
3. Scroll down to the "Certificates" section and click on View Certificates.

2. Import the Certificate

1. In the Certificate Manager, go to the "Authorities" tab.
2. ClickImport and select the .crt file.
3. When prompted, check the appropriate trust options, such as "Trust this CA to identify websites."
4. Click OK to save the changes.

3. Test the Certificate

Visit a website that uses the imported certificate to ensure no warnings appear. If everything is set up correctly, Firefox will recognize the certificate as trusted.

Final Thoughts

Adding trusted certificates to Ubuntu and Firefox is a straightforward process that enhances the security and reliability of your system. By ensuring that your certificates are properly integrated, you minimize the risk of security warnings and ensure encrypted connections function as intended. For system administrators, this is a crucial part of maintaining a secure infrastructure. Regularly updating and managing your trusted certificates will keep your workflows and communications secure.