Due to various auditing failures and other security issues, the CAcert root certificate set is slowly disappearing from the Ubuntu and Debian ‘ca-certificates’ package.
Fine for security and ensuring your website works with the wider browser world. Not so good if you’re developing an SSL site on a development domain - for which CAcert certificates are precisely what the doctor ordered.
So how do you add the root certificates back into your development machine in the correct manner (and in particular avoiding the cardinal sin of shipping an entirely parallel set of root certificates with your application!)
Fortunately it is straightforward, since you can tell Ubuntu/Debian to update its root certificate list to include any certificates stored in the
So first make a directory in which to store the CAcert certificate files.
sudo mkdir /usr/local/share/ca-certificates/cacert.org
Then download the root certificates from the cacert website.
sudo wget -P /usr/local/share/ca-certificates/cacert.org http://www.cacert.org/certs/root.crt http://www.cacert.org/certs/class3.crt
and finally update the certificate bundle
Then you can get back to developing your next killer app.