search

GSA / fpki-guides

This is the old location for the FPKI Playbook. New location below.
https://playbooks.idmanagement.gov/fpki/
Other
31 stars 33 forks source link

Agency Contribution to Federal Common Policy CA Migration Playbook (distributing root certificate on RHEL/CentOS/OEL) #827

Closed ryancdickson closed 3 years ago

ryancdickson commented 3 years ago

Thank you to our colleague Jerome at the U.S. Department of the Interior for sharing the following steps:

How to import the Federal Common Policy CA G2 (FCPCAG2) on RHEL / CentOS / OEL / etc:

  1. Secure Copy the new FCPCAG2 certificate to the needed location from a trusted source

    - scp fcpcag2.crt user@hostname:/home/username/
- ssh user@hostname
- sudo mv /home/username/fcpcag2.crt /etc/pki/ca-trust/anchors

  2. Set file permissions

    - sudo chown root.root /etc/pki/ca-trust/anchors/fcpcag2.crt
- sudo chmod 644 /etc/pki/ca-trust/anchors/fcpcag2.crt

  3. Import the root certificate

    - sudo /bin/update-ca-trust extract

We'll look to incorporate these into our Playbook.