# Where to keep SSL certificates and private keys on Ubuntu and Debian?

To list all available CA SSL certificates run the following lines of code:

```bash
awk -v cmd='openssl x509 -noout -subject' '
```

```bash
/BEGIN/{close(cmd)};{print | cmd}' < /etc/ssl/certs/ca-certificates.crt
```

This will display the `subject` of every CA certificate in
`/etc/ssl/certs/ca-certificates.crt`

But beware that you may get an error if SSL servers forget to provide the
intermediate certificates. In that case, you can try running the following
command to get the list of certificates being sent.

```bash
openssl s_client -showcerts -connect the-git-server:443
```

[ad-uptime]