Where to keep SSL certificates and private keys on Ubuntu and Debian?

Better Stack Team
Updated on October 5, 2023

To list all available CA SSL certificates run the following lines of code:

awk -v cmd='openssl x509 -noout -subject' '
/BEGIN/{close(cmd)};{print | cmd}' < /etc/ssl/certs/ca-certificates.crt

This will display the subject of every CA certificate in /etc/ssl/certs/ca-certificates.crt

But beware that you may get an error if SSL servers forget to provide the intermediate certificates. In that case, you can try running the following command to get the list of certificates being sent.

openssl s_client -showcerts -connect the-git-server:443

Make your mark

Join the writer's program

Are you a developer and love writing and sharing your knowledge with the world? Join our guest writing program and get paid for writing amazing technical guides. We'll get them to the right readers that will appreciate them.

Write for us
Writer of the month
Marin Bezhanov
Marin is a software engineer and architect with a broad range of experience working...
Build on top of Better Stack

Write a script, app or project on top of Better Stack and share it with the world. Make a public repository and share it with us at our email.


or submit a pull request and help us build better products for everyone.

See the full list of amazing projects on github