Where are PEM files stored for validating SSL certificates?

12.04 ssl openssl

76,973

Solution 1

So if you have installed ca-certificates you can easily find out where the files are. Open a terminal and enter

> dpkg -L ca-certificates
/.
/etc
/etc/ssl
/etc/ssl/certs
/etc/ca-certificates
/etc/ca-certificates/update.d
/usr
/usr/sbin
/usr/sbin/update-ca-certificates
/usr/share
/usr/share/ca-certificates
/usr/share/ca-certificates/spi-inc.org
…

So you'll see that all certificates are in /usr/share/ca-certificates. However the default location for certificates is /etc/ssl/certs. You might find additional certificates there.

Solution 2

Try this

sudo find / |grep "\.pem"

This will list all the .pem files present on your system and their full path.

Solution 3

Probably this would help you:

apt-get install apt-file

apt-file update

apt-file list ca-certificates

76,973

mathematician1975

Updated on September 18, 2022

Comments

mathematician1975 over 1 year

I'm writing a SOAP client application on Ubuntu using OpenSSL and C++. I am having trouble getting my code to validate the server certificate even though I know has a valid certificate.

Just to make sure I would like to check that it's the case and apparently PEM files are used to list valid certificates.

Can anyone tell me where these files reside on my Ubuntu 12.04 installation? I have the ca-certificates package installed on my machine, so these files must be there somewhere?
guntbert almost 10 years

This is not really an answer.
Monica Heddneck over 7 years

Not an answer but very useful! Thanks @Mausy5043 for posting this.
sondra.kinsey almost 7 years

sudo is probably unnecessary, since these files needn't be hidden. Also, find can itself test name parameters, so I recommend find / -name "*.pem"
Mausy5043 almost 7 years

@sondra.kinsey : finding upwards from / without using sudo will generate a lot of errors for directories that the user has no access to. Using sudo (or redirecting by adding 2> /dev/null keeps the output clean.