Import non-trusted certificates into the local trusted certificate store


Linux


Description:


This article walks through importing a third-party, non-trusted (for example self-signed) certificate on a Linux client so that the system trusts it as it would a certificate issued by a publicly trusted CA. This is a trust decision for the whole host: once imported, every tool that reads the system store (curl, wget, git, the package managers, and most OpenSSL or GnuTLS based programs) will accept the certificate, so confirm that the file you are about to import really is the certificate the service presents before you trust it.



Pre-Requisites:


A third-party self-signed or otherwise non-trusted certificate has already been generated on the server hosting the service and has been copied (for example with scp) to the client server's /tmp directory. If the service uses a private CA instead of a self-signed certificate, copy and import the CA certificate, not the server's leaf certificate.

More information on generating a self-signed certificate can be found here


   NOTICE:
For this scenario, we assume a local GitLab instance with a self-signed certificate.



Test the Certificate


From the client machine, check how the certificate presented by the service-providing server (GitLab) verifies against the current trust store. Pass -servername as well, so that a server hosting several names behind SNI returns the certificate you expect:


openssl s_client -showcerts -connect gitlab.nason.co:443 -servername gitlab.nason.co
    Start Time: 1469810110
    Timeout   : 300 (sec)
    Verify return code: 18 (self signed certificate)

Return code 18 means the server presented a self-signed certificate that is not in the local trust store. Note that s_client still completes the handshake and prints the session; only the verify return code tells you the certificate was rejected, so do not rely on the command "working" as a sign of trust.


Import the certificate


RHEL & CentOS:

mv /tmp/gitlab-registry.crt /etc/pki/ca-trust/source/anchors/
update-ca-trust


Debian & Ubuntu:

mv /tmp/gitlab-registry.crt /usr/local/share/ca-certificates/
update-ca-certificates


Updating certificates in /etc/ssl/certs... 2 added, 0 removed; done.
Running hooks in /etc/ca-certificates/update.d....done.

On Debian and Ubuntu, update-ca-certificates only picks up files in /usr/local/share/ca-certificates whose name ends in .crt, so keep that extension; it then creates a matching .pem symlink in /etc/ssl/certs and regenerates the combined bundle /etc/ssl/certs/ca-certificates.crt. On both families the file should be root-owned and readable (mode 0644). Daemons that loaded the trust store at startup need to be restarted to see the new anchor, and programs that ship their own CA bundle (Java keystores, Python packages that use certifi, Firefox's NSS database) are not affected by this change and must be configured separately.


Re-Test the Certificate


From the client machine, verify the certificate again now that it has been imported; the service-providing server (GitLab) should now verify cleanly:


openssl s_client -showcerts -connect gitlab.nason.co:443 -servername gitlab.nason.co
    Start Time: 1469810954
    Timeout   : 300 (sec)
    Verify return code: 0 (ok)
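The steps above (check, import, re-check) depend on the file in /tmp really being the certificate the server presents. The script below is an added example, not part of the original article: it compares the SHA-256 fingerprint of the copied file against a fingerprint obtained out of band (for example read off the GitLab server's console), refuses to install on a mismatch, picks the right anchor directory for the distribution from /etc/os-release, and re-tests with -verify_return_error so the handshake fails on a verification error instead of merely printing a code. The host name, file name and the placeholder EXPECTED_FP value are assumptions for illustration; the distribution list in trust_dir goes slightly beyond the page by covering RHEL derivatives and Fedora, which use the same ca-trust layout.

```shell
#!/bin/sh
# Added example (not from the original article): verify a copied certificate's
# SHA-256 fingerprint before installing it into the system trust store.
set -eu

CERT_FILE="${CERT_FILE:-/tmp/gitlab-registry.crt}"   # assumed path, as in the article
HOST="${HOST:-gitlab.nason.co}"                       # assumed host, as in the article
PORT="${PORT:-443}"
# Fingerprint obtained OUT OF BAND (console of the GitLab server, a ticket,
# a signed message), never from the network connection you are about to trust.
# Placeholder value; replace with the real one.
EXPECTED_FP="${EXPECTED_FP:-AA:BB:CC:DD:EE:FF:00:11:22:33:44:55:66:77:88:99:AA:BB:CC:DD:EE:FF:00:11:22:33:44:55:66:77:88:99}"

# Normalise a fingerprint string: drop any "SHA256 Fingerprint=" prefix,
# remove colons and spaces, upper-case, so different tools' output compares equal.
norm_fp() {
    printf '%s' "$1" | sed -e 's/^.*=//' -e 's/[: ]//g' | tr 'a-f' 'A-F'
}

# Succeed (exit 0) only when both fingerprints are identical after normalisation.
fp_matches() {
    [ "$(norm_fp "$1")" = "$(norm_fp "$2")" ]
}

# Trust-anchor directory for a given /etc/os-release ID; fails on unknown distros.
trust_dir() {
    case "$1" in
        rhel|centos|fedora|rocky|almalinux) echo /etc/pki/ca-trust/source/anchors ;;
        debian|ubuntu)                      echo /usr/local/share/ca-certificates ;;
        *) return 1 ;;
    esac
}

# Command that rebuilds the consolidated trust store for that distro.
update_cmd() {
    case "$1" in
        rhel|centos|fedora|rocky|almalinux) echo update-ca-trust ;;
        debian|ubuntu)                      echo update-ca-certificates ;;
        *) return 1 ;;
    esac
}

# SHA-256 fingerprint of a PEM certificate file, as printed by openssl.
cert_fingerprint() {
    openssl x509 -in "$1" -noout -fingerprint -sha256
}

install_cert() {
    os_id=$(. /etc/os-release && echo "$ID")
    dir=$(trust_dir "$os_id") || { echo "unsupported distro: $os_id" >&2; return 1; }
    actual=$(cert_fingerprint "$CERT_FILE")
    if ! fp_matches "$EXPECTED_FP" "$actual"; then
        echo "fingerprint mismatch, refusing to trust $CERT_FILE" >&2
        echo "  expected: $EXPECTED_FP" >&2
        echo "  actual:   $actual" >&2
        return 1
    fi
    # Keep the .crt extension (update-ca-certificates ignores other names) and
    # install root-owned, world-readable, rather than mv-ing with /tmp ownership.
    install -o root -g root -m 0644 "$CERT_FILE" "$dir/$(basename "$CERT_FILE")"
    "$(update_cmd "$os_id")"
    # Re-test: with -verify_return_error the handshake is aborted, and the
    # command exits non-zero, if the chain still does not verify.
    openssl s_client -connect "$HOST:$PORT" -servername "$HOST" \
        -verify_return_error </dev/null >/dev/null
    echo "certificate installed in $dir and verified against $HOST:$PORT"
}

# Usage (as root): EXPECTED_FP='AB:CD:...' sh import-cert.sh install
if [ "${1:-}" = "install" ]; then
    install_cert
fi
```

The fingerprint check is what turns "a file someone copied into /tmp" into "the certificate we decided to trust"; the scp transfer protects integrity in transit only as well as the SSH host key was verified, and it says nothing about whether the right file was copied. Running the script with no argument only defines the functions, so it can be sourced and the helpers reused.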


Remove Imported Certs


RHEL & CentOS:

rm /etc/pki/ca-trust/source/anchors/gitlab-registry.crt
update-ca-trust


Debian & Ubuntu:

rm /usr/local/share/ca-certificates/gitlab-registry.crt
update-ca-certificates

On Debian and Ubuntu, remove the file from the directory it was imported into, not from /etc/ssl/certs: the entry there is a .pem symlink generated by update-ca-certificates, and the command removes that symlink and rebuilds the bundle once the source file is gone. Re-run the test from the previous section afterwards; it should report return code 18 again.


Post Requisites:


None


