Skip to content

Instantly share code, notes, and snippets.

@sdebnath

sdebnath/netskope_ssl_cert_chain.md

Created July 24, 2024 20:13
Show Gist options
  • Save sdebnath/f41427c8fcc6025c2d05b7103fb3ff7a to your computer and use it in GitHub Desktop.
Save sdebnath/f41427c8fcc6025c2d05b7103fb3ff7a to your computer and use it in GitHub Desktop.
Download ZIP
Adding Netskope SSL cert chain from macos to linux VM
Raw
netskope_ssl_cert_chain.md

1. Obtain Netskope's cert chain

security find-certificate -a -p /System/Library/Keychains/SystemRootCertificates.keychain /Library/Keychains/System.keychain > /tmp/nscacert_combined.pem
&& sudo cp /tmp/nscacert_combined.pem /Library/Application\ Support/Netskope/STAgent/data/

Source: https://docs.netskope.com/en/configuring-cli-based-tools-and-development-frameworks-to-work-with-netskope-ssl-interception/

2. Copy the cert file out

cp /Library/Application\ Support/Netskope/STAgent/data/nscacert.pem ~/nscacert.crt

3. Upload it to your VM

Use your favorite tool to upload it to your VM and then update ca certificates:

sudo apt-get install -y ca-certificates
sudo cp nscacert.crt /usr/local/share/ca-certificates
sudo cp nscacert.crt /etc/ssl/certs/
sudo update-ca-certificates

Source: https://ubuntu.com/server/docs/install-a-root-ca-certificate-in-the-trust-store

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment