CoreOS Container Linux supports custom Certificate Authorities (CAs) in addition to the default list of trusted CAs. Adding your own CA allows you to:
- Use a corporate wildcard certificate
- Use your own CA to communicate with an installation of CoreUpdate
The setup process for any of these use-cases is the same:
-
Copy the PEM-encoded certificate authority file (usually with a
.pemfile name extension) to/etc/ssl/certs -
Run the
update-ca-certificatesscript to update the system bundle of Certificate Authorities. All programs running on the system will now trust the added CA.