What is difference between /etc/ssl/certs/ca-bundle.crt and /etc/ssl/certs/ca-bundle.trust.crt in centos7?

ssl centos7
12,917

@YogeshJilhawar:Tls ca file which is signed by private institute must be added to the ca-bundle files on OS(such as centos7.x),but there is a little different(bwtween ca-bundle.crt with ca-bundle.trust.crt) as following:

ca-bundle.crt contains a list of CA certificates trusted for TLS server authentication usage without distrust information.

ca-bundle.trust.crt contains a list of CA certificates which includes trust (and/or distrust) flags specific to certificate usage.

Both files contain CA certificates in the extended BEGIN/END TRUSTED CERTIFICATE file format.

What's more,ca-trust-source contains low priority source configurations but ca-trust/source contains high priority source configurations.Good luck!

Share:
12,917
Yogesh Jilhawar
Author by

Yogesh Jilhawar

Updated on June 22, 2022

Comments

  • Yogesh Jilhawar
    Yogesh Jilhawar almost 2 years

    I am using certificates signed by CA file for securing kubernetes API. For that I added my CA file say ca.crt to /etc/pki/ca-trust/source/anchors/ and used the command $ update-ca-trust to add it to the trusted list. I found my certificate in /etc/ssl/certs/ca-bundle.crt file and also in /etc/ssl/certs/ca-bundle.trust.crt file with some appended string of 20 (not exactly) characters. Why there are these two files and what is difference between them ?

  • duct_tape_coder
    duct_tape_coder over 2 years
    What do the terms "low priority source configurations" and "high priority source configurations" mean?

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

Apache webserver HTTPS port redirects to HTTP with port 443
Httpd Misconfiguration of certificate's CN and virtual name
Apache SSL Errors every 30 seconds
SSL issues "Peer's certificate issuer has been marked as not trusted by the user."
Cannot conect MySQL (error 2026) after upgrade to Ubuntu 20.04
Disable SSL check rpm
Self-signed Cert for yum repository server
Admob in flutter app: "Error while connecting to ad server: SSL handshake aborted"
Firebase Hosted flutter app shows not a secure connection error when launching an external URL
Flutter Doctor shows problem with GTK 3.0 for CentOS Linux 7 running on Doctor