This tool takes care of creating a standardized ca-bundle.crt
file for various environments. Born to solve this issue.
Update the ca-bundle.crt
file in the current directory:
vagrant@virtualbox ~/.xp
$ cert up
@unix (detected)
Updating certificates
> Linked ca-bundle.crt -> /etc/ssl/certs/ca-certificates.crt
173 certificates
Done, /home/vagrant/.xp/ca-bundle.crt updated
Depending on the underlying operating system and runtime environment, the action to create the file may be different. For details, see below:
On Windows, the system certificate store is exported. This needs to be rerun every time Microsoft updates their OS.
On Mac OS X, the system keychain is exported. This needs to be rerun every time Apple updates their OS.
If a Cygwin environment is present, a symlink to /etc/pki/tls/certs/ca-bundle.crt
is created. This does not need to be re-run except if Cygwin's vendors decide to change this path.
A symlink is created to whichever of the following can be found first:
Path | Typical for |
---|---|
/etc/ssl/certs/ca-certificates.crt |
Debian/Ubuntu/Gentoo etc. |
/etc/pki/tls/certs/ca-bundle.crt |
Fedora/RHEL |
/etc/ssl/ca-bundle.pem |
OpenSUSE |
/etc/pki/tls/cacert.pem |
OpenELEC |
/usr/local/share/certs/ca-root-nss.crt |
FreeBSD/DragonFly |
/etc/ssl/cert.pem |
OpenBSD |
/etc/openssl/certs/ca-certificates.crt |
NetBSD |
This only needs to be rerun if the OS' vendor decides to change this path.