132 lines
3.3 KiB
HTML
132 lines
3.3 KiB
HTML
|
|
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
|
|
<HTML><HEAD><TITLE>Man page of UPDATE-CA-CERTIFICATES</TITLE>
|
|
</HEAD><BODY>
|
|
<H1>UPDATE-CA-CERTIFICATES</H1>
|
|
Section: Maintenance Commands (8)<BR>Updated: 20 April 2003<BR><A HREF="#index">Index</A>
|
|
<A HREF="/cgi-bin/man/man2html">Return to Main Contents</A><HR>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<A NAME="lbAB"> </A>
|
|
<H2>NAME</H2>
|
|
|
|
update-ca-certificates - update /etc/ssl/certs and ca-certificates.crt
|
|
<A NAME="lbAC"> </A>
|
|
<H2>SYNOPSIS</H2>
|
|
|
|
<B>update-ca-certificates</B>
|
|
|
|
[<I>options</I>]
|
|
|
|
<A NAME="lbAD"> </A>
|
|
<H2>DESCRIPTION</H2>
|
|
|
|
This manual page documents briefly the
|
|
<B>update-ca-certificates</B>
|
|
|
|
command.
|
|
<P>
|
|
|
|
<B>update-ca-certificates</B> is a program that updates the directory
|
|
/etc/ssl/certs to hold SSL certificates and generates ca-certificates.crt,
|
|
a concatenated single-file list of certificates.
|
|
<P>
|
|
|
|
It reads the file /etc/ca-certificates.conf. Each line gives a pathname of
|
|
a CA certificate under /usr/share/ca-certificates that should be trusted.
|
|
Lines that begin with "#" are comment lines and thus ignored.
|
|
Lines that begin with "!" are deselected, causing the deactivation of the CA
|
|
certificate in question. Certificates must have a .crt extension in order to
|
|
be included by update-ca-certificates.
|
|
<P>
|
|
|
|
Furthermore all certificates with a .crt extension found below
|
|
/usr/local/share/ca-certificates are also included as implicitly trusted.
|
|
<P>
|
|
|
|
Before terminating, <B>update-ca-certificates</B> invokes
|
|
<B>run-parts</B> on /etc/ca-certificates/update.d and calls each hook with
|
|
a list of certificates: those added are prefixed with a +, those removed are
|
|
prefixed with a -.
|
|
<A NAME="lbAE"> </A>
|
|
<H2>OPTIONS</H2>
|
|
|
|
A summary of options is included below.
|
|
<DL COMPACT>
|
|
<DT id="1"><B>-h, --help</B>
|
|
|
|
<DD>
|
|
Show summary of options.
|
|
<DT id="2"><B>-v, --verbose</B>
|
|
|
|
<DD>
|
|
Be verbose. Output <B>openssl rehash</B>.
|
|
<DT id="3"><B>-f, --fresh</B>
|
|
|
|
<DD>
|
|
Fresh updates. Remove symlinks in /etc/ssl/certs directory.
|
|
</DL>
|
|
<A NAME="lbAF"> </A>
|
|
<H2>FILES</H2>
|
|
|
|
<DL COMPACT>
|
|
<DT id="4"><I>/etc/ca-certificates.conf</I>
|
|
|
|
<DD>
|
|
A configuration file.
|
|
<DT id="5"><I>/etc/ssl/certs/ca-certificates.crt</I>
|
|
|
|
<DD>
|
|
A single-file version of CA certificates. This holds
|
|
all CA certificates that you activated in /etc/ca-certificates.conf.
|
|
<DT id="6"><I>/usr/share/ca-certificates</I>
|
|
|
|
<DD>
|
|
Directory of CA certificates.
|
|
<DT id="7"><I>/usr/local/share/ca-certificates</I>
|
|
|
|
<DD>
|
|
Directory of local CA certificates (with .crt extension).
|
|
</DL>
|
|
<A NAME="lbAG"> </A>
|
|
<H2>SEE ALSO</H2>
|
|
|
|
<B><A HREF="/cgi-bin/man/man2html?1+openssl">openssl</A></B>(1)
|
|
|
|
<A NAME="lbAH"> </A>
|
|
<H2>AUTHOR</H2>
|
|
|
|
This manual page was written by Fumitoshi UKAI <<A HREF="mailto:ukai@debian.or.jp">ukai@debian.or.jp</A>>,
|
|
for the Debian project (but may be used by others).
|
|
<P>
|
|
|
|
<HR>
|
|
<A NAME="index"> </A><H2>Index</H2>
|
|
<DL>
|
|
<DT id="8"><A HREF="#lbAB">NAME</A><DD>
|
|
<DT id="9"><A HREF="#lbAC">SYNOPSIS</A><DD>
|
|
<DT id="10"><A HREF="#lbAD">DESCRIPTION</A><DD>
|
|
<DT id="11"><A HREF="#lbAE">OPTIONS</A><DD>
|
|
<DT id="12"><A HREF="#lbAF">FILES</A><DD>
|
|
<DT id="13"><A HREF="#lbAG">SEE ALSO</A><DD>
|
|
<DT id="14"><A HREF="#lbAH">AUTHOR</A><DD>
|
|
</DL>
|
|
<HR>
|
|
This document was created by
|
|
<A HREF="/cgi-bin/man/man2html">man2html</A>,
|
|
using the manual pages.<BR>
|
|
Time: 00:06:18 GMT, March 31, 2021
|
|
</BODY>
|
|
</HTML>
|