http://bugzilla.opensuse.org/show_bug.cgi?id=918944 Bug ID: 918944 Summary: update-ca-certificates does not add a private CA certificate to system wide certificate store as documented Classification: openSUSE Product: openSUSE Distribution Version: 13.2 Hardware: x86-64 OS: openSUSE 13.2 Status: NEW Severity: Major Priority: P5 - None Component: Basesystem Assignee: bnc-team-screening@forge.provo.novell.com Reporter: bockhold@cmab.de QA Contact: qa-bugs@suse.de Found By: --- Blocker: --- User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:35.0) Gecko/20100101 Firefox/35.0 Build Identifier: Documentation under /usr/share/doc/packages/ca-certificates/README tells me to copy my private CA certificate to /etc/pki/trust and then run /usr/sbin/update-ca-certificates to add my certificate to the system wide certificate store. Even run with --verbose the script does not add the certificate to any store and does not show any signs of error or success. My CA obviously is not added as for example the LDAP-client cannot validate the server-side certificate signed by this CA. Reproducible: Always Steps to Reproduce: 1. create a CA, export the CA-certificate to your client on the client: 2. cp mycacrt.pem /etc/pki/trust/mycacrt.pem 3. update-ca-certificates --verbose Actual Results: Output: running /usr/lib/ca-certificates/update.d/50java.run ... creating /var/lib/ca-certificates/java-cacerts ... running /usr/lib/ca-certificates/update.d/70openssl.run ... creating /var/lib/ca-certificates/openssl ... running /usr/lib/ca-certificates/update.d/80etc_ssl.run ... running /usr/lib/ca-certificates/update.d/99certbundle.run ... creating /var/lib/ca-certificates/ca-bundle.pem ... Expected Results: Show that a new certificate is found. Add it to the system wide certificate store. Print a corresponding message to console as to inform user. Problem is reproducible on any openSUSE client. Debian client works like a charm with cp mycacert.pem /usr/local/share/ca-certificates/mycacert.pem && update-ca-certificates. -- You are receiving this mail because: You are on the CC list for the bug.