This package includes PEM files of CA certificates to allow SSL-based
applications to check for the authenticity of SSL connections.
-Please note that certificate authorities whose certificates are included
-in this package are not in any way audited for trustworthiness and RFC
-3647 compliance, and that full responsibility to assess them belongs to
-the local system administrator.
+Please note that Debian can neither confirm nor deny whether the
+certificate authorities whose certificates are included in this package
+have in any way been audited for trustworthiness or RFC 3647 compliance.
+Full responsibility to assess them belongs to the local system
+administrator.
The CA certificates contained in this package are installed into
“/usr/share/ca-certificates”.
symlinks and generate a single-file version in
“/etc/ssl/certs/ca-certificates.crt”.
+If you want to install local certificate authorities to be implicitly
+trusted, please put the certificate files as single files ending with
+“.crt“ into “/usr/local/share/ca-certificates” and re-run
+“update-ca-certificates”. If you want to prepare a local package
+of your certificates, you should depend on “ca-certificates“, install
+the PEM files into “/usr/local/share/ca-certificates” as above and call
+“update-ca-certificates” in the package's “postinst“.
How certificates will be accepted into the ca-certificates package
------------------------------------------------------------------