How to add missing ca-certificates to truststore in an older version of Yocto?


Sourabh Hegde
 

Hello,

I am working with the "Morty" release of Yocto. Due to organizational reasons we still have to use "Morty" but will be upgraded soon.
But, there are some certificates missing in the OpenSSL truststore. Now, I would like to add them to the image during build. Certificates are mainly for Amazon services (Amazon_Root_CAs). I believe this can be done with ca-certificates_%.bbappend. I would like to know how the .crt files will be converted to .pem format and also how the ca-certificates.crt file will be updated in the /etc/ssl/certs/ dir. The recipe is http://cgit.openembedded.org/openembedded-core/tree/meta/recipes-support/ca-certificates/ca-certificates_20160104.bb?h=morty


Ross Burton
 

If the certificates are in newer releases of the ca-certificates store, then upgrading the recipe will be easiest. As you see from the filename, the certificates in morty are from 2016. Take the latest release that is in langdale and you’ll have all the newer certs.

Ross

On 27 Mar 2023, at 17:36, Sourabh Hegde via lists.yoctoproject.org <hrsourabh011=gmail.com@...> wrote:

Hello,

I am working with the "Morty" release of Yocto. Due to organizational reasons we still have to use "Morty" but will be upgraded soon.
But, there are some certificates missing in the OpenSSL truststore. Now, I would like to add them to the image during build. Certificates are mainly for Amazon services (Amazon_Root_CAs). I believe this can be done with ca-certificates_%.bbappend. I would like to know how the .crt files will be converted to .pem format and also how the ca-certificates.crt file will be updated in the /etc/ssl/certs/ dir. The recipe is http://cgit.openembedded.org/openembedded-core/tree/meta/recipes-support/ca-certificates/ca-certificates_20160104.bb?h=morty


Sourabh Hegde
 

Thanks Ross for the quick update.
I had the same approach.

But will there be any dependency issues while installing new certificates?


Ross Burton
 

On 27 Mar 2023, at 19:37, Sourabh Hegde via lists.yoctoproject.org <hrsourabh011=gmail.com@...> wrote:

Thanks Ross for the quick update.
I had the same approach.

But will there be any dependency issues while installing new certificates?

I doubt it.

Ross


Sourabh Hegde
 

Okay, it worked fine.
Thanks again
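
One way to confirm, after the recipe upgrade discussed in this thread, that the roots you need actually ended up in the image's `/etc/ssl/certs/ca-certificates.crt` bundle. This is an added example, not part of the original thread or the ca-certificates recipe; the function names are hypothetical and the sample "certificates" are constructed byte strings, not real CAs. Certificates are compared by the SHA-256 of their DER bytes, so line wrapping and file extension do not matter.

```python
import base64
import hashlib
import re
import sys

PEM_BLOCK = re.compile(
    r"-----BEGIN CERTIFICATE-----(.*?)-----END CERTIFICATE-----", re.S)

def pem_fingerprints(pem_text):
    """SHA-256 (hex) of the DER bytes of every certificate in a PEM text."""
    prints = set()
    for body in PEM_BLOCK.findall(pem_text):
        der = base64.b64decode("".join(body.split()))  # drop newlines/CRs
        prints.add(hashlib.sha256(der).hexdigest())
    return prints

def missing_roots(bundle_text, required):
    """required maps a label to PEM text; return labels absent from the bundle."""
    have = pem_fingerprints(bundle_text)
    missing = []
    for label, pem in sorted(required.items()):
        want = pem_fingerprints(pem)
        # A file with no PEM block at all is reported as missing too.
        if not want or not want <= have:
            missing.append(label)
    return missing

def _fake_pem(payload, width=64):
    # Constructed stand-in: arbitrary bytes in PEM armour, NOT a real certificate.
    b64 = base64.b64encode(payload).decode()
    rows = [b64[i:i + width] for i in range(0, len(b64), width)]
    return ("-----BEGIN CERTIFICATE-----\n" + "\n".join(rows)
            + "\n-----END CERTIFICATE-----\n")

# Constructed sample data: a bundle before and after the upgrade.
SAMPLE_REQUIRED = {
    "example-root-1": _fake_pem(b"new-root-1" * 20),
    "example-root-2": _fake_pem(b"new-root-2" * 20),
}
SAMPLE_OLD_BUNDLE = _fake_pem(b"old-root-A" * 20) + _fake_pem(b"old-root-B" * 20)
SAMPLE_NEW_BUNDLE = SAMPLE_OLD_BUNDLE + "".join(SAMPLE_REQUIRED.values())

if __name__ == "__main__" and len(sys.argv) > 2:
    # Usage: check.py <rootfs>/etc/ssl/certs/ca-certificates.crt needed1.pem ...
    with open(sys.argv[1]) as fh:
        bundle = fh.read()
    needed = {path: open(path).read() for path in sys.argv[2:]}
    absent = missing_roots(bundle, needed)
    print("missing from bundle:", absent or "none")
    sys.exit(1 if absent else 0)
```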