SSL Certificate Location on UNIX/Linux

Better Stack Team
Updated on November 9, 2023

In UNIX/Linux systems, SSL certificate files are often stored in specific directories. The exact location can vary based on the distribution and configuration.

Commonly, SSL certificates on UNIX/Linux systems are stored in the /etc/ssl/ directory or its subdirectories. However, this may differ based on the purpose or service using the SSL certificates. Here are the typical locations:

  1. Certificate Authority (CA) Certificates:
    • Root CA certificates are typically stored in: /etc/ssl/certs/
    • Intermediate CA certificates may also be stored here or in a specific subdirectory.
  2. Server Certificates and Keys:
    • Server SSL certificates and private keys are usually stored in: /etc/ssl/private/
    • The SSL certificate file might be in the same directory as the private key.

It's important to note that the directory structure can vary depending on the software, service, or package used on the system. Some services might have their specific locations for SSL certificates and private keys. For instance, web servers like Apache or Nginx may have configurations pointing to custom locations.

To find the SSL certificate locations, you can check the configurations of the service that uses SSL certificates. For example, in Apache, the SSL configuration file might specify the SSLCertificateFile and SSLCertificateKeyFile directives, which define the paths for the certificate and key files.

Additionally, using commands like find or locate can help search for SSL certificates. For instance:

 
sudo find /etc/ssl -name "*.crt" -o -name "*.pem"

This command searches for files with the .crt or .pem extension within the /etc/ssl directory and its subdirectories.

Keep in mind that proper permissions and access control should be maintained for SSL certificate files, especially for private keys, to ensure security.