Installation of intermediate certificate not working for command line tools
Olivia Zamora 
TL;DR: No description on how to install a intermediate certificate works under Ubuntu 18.04. Any suggestions?
Before marking this as a duplicate of How do I install a root certificate?or any other instruction on installing certificates, please read my problem and try to find a solution.
I tried to install the certificate of my proxy an a Ubuntu 18.04 machine in every combination of steps possible:
Step 1: Download the proxy certificate via firefox warning in PEM-format (-----BEGIN/END CERTIFICATE-----). It is the intermediate certifcate of the proxy signed by a root CA.
Step 2: Either just nename the file (mv proxy.pem proxy.crt) or doing this with openssl (openssl x509 -outform PEM -in proxy.pem -out proxy.crt). Now I have a certificate with .crt ending and PEM-format as told by Installing a root CA certificate in the trust store. I also tried DER format, but neither worked.
Step 3: Copying the certificate to /usr/share/ca-certificates/ or /usr/local/share/ca-certificates/
Step 4: Using dpkg-reconfigure ca-certificates or update-ca-certificates to update the certificate store
Step 5: Check /etc/ssl/certs/, if proxy certificate is there. There are always two links like:
15af16f2.0 -> proxy.pem
proxy.pem -> /usr/share/ca-certificates/proxy.crt The path to the certificate is always correct, but can also be /usr/local/... depending on previous step.
In my opinion the certificate should be installed and working. But when I try to connect to any website via wget or curl, they both create errrors:
wget:
ERROR: cannot verify certificate, issued by 'CN=......': unable to get issuer certificatecurl:
curl: (60) SSL certificate problem: unable to connect to get issuer certificateIt isn't even working with wget --ca-certificate=/path/to/proxy.pem
However apt has one https:\\... repo and is working.
The installation of the same certificate on Ubuntu 20.04 was working like a charm.
The software is up to date on all instances.
Any suggestions on what to try next, where to look for more information, or my error in the process?
Reset to default
