# Proper way to add certs?

Hello, I tried the method to put my own cert into /etc/pki/tls/certs and symlink it - openssl accepts the cert and the method specified in /etc/pki/ca-trust/source/anchors/README, but the Cert neither works nor it shows up in the settings. What do I wrong/ What is the proper way to import a cert? The cert is just a self-generated cert.

Edit; When I try the mentioned method with openssl, I get a cert error on the mail App afterwards until I delete the cert.

edit retag close delete

Did you run the update-ca-certificates or update-ca-trust after adding a certificate? (I don't know which one is correct for SFOS)

( 2019-06-23 21:11:01 +0300 )edit

update-ca-certificates is called update-ca-trust on SFOS (as far as I know). Of course, I ran it.

( 2019-06-23 21:43:35 +0300 )edit

I also tried the TLS topic in here: https://pastebin.com/QwWjEFPr

( 2019-06-25 22:51:35 +0300 )edit

In this thread, there are hints that there may be just another (or a couple of other) certificate stores to take into account. I'd guess that Android Support may also have its own certificate store, as well as native QT apps.

( 2019-06-27 13:41:03 +0300 )edit

QT native Apps normally use the system's store and I ensured myself that the App I need uses the system's store. The Qt error seems to be only on macOS. My cert also doesn't appear on the certificate storage. I think I'll swap the cert on server side, that would be a lot easier.

( 2019-06-27 14:15:46 +0300 )edit