Help
Technical Forum
Ask questions. Discover Answers.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Technical Forum Quicklinks: No Replies | Active-Not Solved | Recent Solutions

Pull all trusted root and intermediate certificate to single bundle

yadgayan
Altocumulus
Altocumulus

‎26-Jul-2023 14:12

Hi All,

I want to create a single certificate bundle that contains all trusted root and intermediate certificates and also need to update it automatically. Currently, I'm doing it manually (download and update bundle) Is there any easy way to do it? 

 

 

0 Kudos
3 REPLIES 3

whisperer
Cumulonimbus
Cumulonimbus

‎26-Jul-2023 14:20

Maybe you can automate using Ansible Tower and quite a bit of Python magic. Otherwise, manual process as far as I know.

0 Kudos

yadgayan
Altocumulus
Altocumulus
In response to whisperer

‎26-Jul-2023 14:25

I can use 2 workers (bash scripts) to update a single CA file based on trusted CA parties that IRD provided. (I never tried but just an idea). I can use the below list to pull the certificates

All intermediate list

https://ccadb.my.salesforce-sites.com/mozilla/PublicAllIntermediateCerts

All Root list

https://curl.se/docs/caextract.html

 

But I'm seeking any other easy way to do it? 

0 Kudos

whisperer
Cumulonimbus
Cumulonimbus
In response to yadgayan

‎26-Jul-2023 19:06

Interesting, there is a certificate bundle management:

https://techdocs.f5.com/kb/en-us/products/big-ip_ltm/manuals/product/bigip-ssl-administration-13-1-0...

Check out this excerpt;

"In the Include URLs field, type the URL where remote CA bundles reside, and click Add to include that for generating the new CA bundle.

Only HTTPS URLs are allowed in the Include URLsfields"
0 Kudos
Copyright © 2023 Khoros, LLC