update-ca-trust not adding certificates to ca-bundle

Solution Verified - Updated -

Issue

  • All the PEM/CRT/CER formatted certificates placed in /etc/pki/ca-trust/source/anchors/ don't get added to the individual certificate bundles/stores (/etc/pki/tls/certs/ca-bundle.crt) using update-ca-trust.

    For RHEL7/8

    # cp /root/certs/<certname>.cer /etc/pki/ca-trust/source/anchors/
    # update-ca-trust extract
    # cd /etc/pki/tls/certs/
    # openssl x509 -in ca-bundle.crt -text -noout
    

    For RHEL6

    # cp /root/certs/<certname>.cer /etc/pki/ca-trust/source/anchors/
    # update-ca-trust enable
    # cd /etc/pki/tls/certs/
    # openssl x509 -in ca-bundle.crt -text -noout
    
  • When checking I will only see one of the certificates, not always the same one though.

Environment

  • Red Hat Enterprise Linux 8
  • Red Hat Enterprise Linux 7
  • Red Hat Enterprise Linux 6
  • ca-certificates

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In