redhat ca - ghdrako/doc_snipets GitHub Wiki

• https://www.baeldung.com/linux/ca-certificate-management

update-ca-trust

it searches two locations for CA certificates:

    /usr/share/pki/ca-trust-source/ – low priority
    /etc/pki/ca-trust/source/ – high priority

There are two main subfolders in this path:

• anchors – holds the trusted certificates
• blacklist – holds the rejected certificates

update-ca-trust command to aggregate the new certificates to the trust settings. We can either remove the certificate file or copy a new one and run the update-ca-trust command to revoke or update a certificate.