some months ago i needed to setup a Certificate Authority and add it's root certificate to the client machines, so i figured out and added the CA certificate to /usr/share/ca-certificates, edited the /etc/ca-certificates.conf to reflect this and them run "update-ca-certificates --fresh --verbose".
this added the CA to the SSL certs and generated the file with all the certificates in /etc/ssl/certs/ca-certificates.crt
So when i used Firefox and Chrome, it reflected this and the server certificate was validated.
But... This week, after a system upgrade both Firefox and Chrome, stopped to reflect this, even after i did all the above process again.
Firefox and Chrome are not using the ca-certificates package? Is there a way to do what i'm trying to do (a central point to manage certificates for all apps, especially browsers)?
And, a last question, is there a way to run a script after a specific package upgrade?
Thanks, --- Eduardo M. Machado