CA証明書のインストール
#CA
#Linux #CentOS7
code:sh
rpm -qa | grep ca-certificates
ca-certificates-2023.2.60_v7.0.306-72.el7_9.noarch
----
curl.se から直接 CA証明書をダウンロード。
https://curl.se/docs/caextract.html
CA証明書をダウンロード
sudo wget https://curl.se/ca/cacert.pem -O /etc/pki/tls/certs/ca-bundle-from-mozilla.crt
nginxのconfファイルで、proxy_ssl_trusted_certificateのパスを変更
proxy_ssl_trusted_certificate /etc/pki/tls/certs/ca-bundle.crt
↓
proxy_ssl_trusted_certificate /etc/pki/tls/certs/ca-bundle-from-mozilla.crt;
参考ページ
https://docs.redhat.com/ja/documentation/red_hat_enterprise_linux/9/html/securing_networks/adding-new-certificates_using-shared-system-certificates
https://www.baeldung.com/linux/ca-certificate-management
https://techjourney.net/update-add-ca-certificates-bundle-in-redhat-centos/
https://blue-red.ddo.jp/~ao/wiki/wiki.cgi?page=%A5%D6%A5%E9%A5%A6%A5%B6%A4%CE%A5%EB%A1%BC%A5%C8CA%BE%DA%CC%C0%BD%F1%A4%F2Linux%A4%D8%A5%A4%A5%F3%A5%B9%A5%C8%A1%BC%A5%EB%A4%B9%A4%EB