Where to keep SSL certificates and private keys on Ubuntu and Debian?

Better Stack Team
Updated on May 4, 2022

To list all available CA SSL certificates run the following lines of code:

awk -v cmd='openssl x509 -noout -subject' '
Copied!
/BEGIN/{close(cmd)};{print | cmd}' < /etc/ssl/certs/ca-certificates.crt
Copied!

This will display the subject of every CA certificate in /etc/ssl/certs/ca-certificates.crt

But beware that you may get an error if SSL servers forget to provide the intermediate certificates. In that case, you can try running the following command to get the list of certificates being sent.

openssl s_client -showcerts -connect the-git-server:443
Copied!
Got an article suggestion? Let us know
Explore more
Licensed under CC-BY-NC-SA

This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.

We are hiring.

Software is our way of making the world a tiny bit better. We build tools for the makers of tomorrow.

Explore all positions →

Reliability is the
ultimate feature

Delightful observability tools that turn your logs & monitoring into a secret weapon for shipping better software faster.

Explore Better Stack