dyzulk/trustlab-docs
1
0
Fork 0
mirror of https://github.com/dyzulk/trustlab-docs.git synced 2026-01-26 05:25:38 +07:00
Code Issues Packages Projects Releases Wiki Activity
Files
0b60b339902a9cfb09bfa40dbceceb76e5e89b75
trustlab-docs/pages/guide/getting-started/install-root-ca.mdx

150 lines
5.1 KiB
Plaintext
Raw Blame History

import { CertificateDownload } from '../../../components/CertificateDownload'
# Installing Root CA
To ensure your browser trusts certificates issued by TrustLab, you must install our Root CA.
<div className="my-8">
<CertificateDownload />
</div>
## Quick Installation (Recommended)
Instantly install all TrustLab Root & Intermediate certificates using our automated scripts.
import { Tabs } from 'nextra/components'
### Linux / Server (CLI)
Select your distribution to get the optimized installation command:
<Tabs items={['Debian/Ubuntu', 'RHEL/CentOS', 'Arch Linux', 'Universal']}>
<Tabs.Tab>
```bash
sudo apt update && sudo apt install -y curl && curl -sL https://cdn.trustlab.dyzulk.com/ca/bundles/trustlab-all.sh | sudo bash
```
</Tabs.Tab>
<Tabs.Tab>
```bash
(sudo yum install -y curl || sudo dnf install -y curl) && curl -sL https://cdn.trustlab.dyzulk.com/ca/bundles/trustlab-all.sh | sudo bash
```
</Tabs.Tab>
<Tabs.Tab>
```bash
sudo pacman -Sy --noconfirm curl && curl -sL https://cdn.trustlab.dyzulk.com/ca/bundles/trustlab-all.sh | sudo bash
```
</Tabs.Tab>
<Tabs.Tab>
```bash
curl -sL https://cdn.trustlab.dyzulk.com/ca/bundles/trustlab-all.sh | sudo bash
```
</Tabs.Tab>
</Tabs>
### Windows
[Download Auto-Installer (.bat)](https://cdn.trustlab.dyzulk.com/ca/bundles/trustlab-all.bat)
*Right-click and Run as Administrator explicitly.*
### macOS / iOS
[Download Configuration Profile (.mobileconfig)](https://cdn.trustlab.dyzulk.com/ca/bundles/trustlab-all.mobileconfig)
*Go to System Settings > Privacy & Security > Profiles to install after downloading.*
---
import { Steps } from 'nextra/components'
## Manual Installation Guide
If you prefer to install certificates manually, follow these steps for your operating system.
<Tabs items={['Windows', 'macOS', 'Android', 'Linux']}>
<Tabs.Tab>
<Steps>
### Download the Certificate
Download the **[Root CA (.crt)](https://cdn.trustlab.dyzulk.com/ca/dydev-its-true.crt)** file.
### Open Certificate
Double-click the downloaded `dydev-its-true.crt` file. Click **"Install Certificate"**.
### Select Store Location
Select **"Local Machine"** (Requires Admin rights) and click Next.
### Browse Certificate Store
Choose **"Place all certificates in the following store"** and click **Browse**.
Select **Trusted Root Certification Authorities**.
### Finish
Click Next and Finish. The certificate is now installed system-wide.
</Steps>
</Tabs.Tab>
<Tabs.Tab>
<Steps>
### Download
Download the **[Root CA (.crt)](https://cdn.trustlab.dyzulk.com/ca/dydev-its-true.crt)** file.
### Add to Keychain
Double-click the file to open **Keychain Access**.
Select the **System** keychain.
### Trust the Certificate
Double-click the "DyDev Its True" (Root CA) in the list.
Expand the **Trust** section.
Change "When using this certificate" to **Always Trust**.
</Steps>
</Tabs.Tab>
<Tabs.Tab>
<Steps>
### Download
Download the **[Root CA (.crt)](https://cdn.trustlab.dyzulk.com/ca/dydev-its-true.crt)** or **[DER Format](https://cdn.trustlab.dyzulk.com/ca/dydev-its-true.der)**.
### Install via Settings
Go to **Settings** > **Security** > **Encryption & Credentials**.
Tap **Install a certificate** > **CA Certificate**.
### Select File
Select "Install anyway" if prompted, then choose the downloaded file.
</Steps>
</Tabs.Tab>
<Tabs.Tab>
<Steps>
### Download
Download the certificate using `curl`:
```bash
curl -LO https://cdn.trustlab.dyzulk.com/ca/dydev-its-true.crt
```
### Install (Debian/Ubuntu)
Copy the file to the CA directory:
```bash
sudo cp dydev-its-true.crt /usr/local/share/ca-certificates/trustlab-root.crt
```
### Update Store
Update the CA store:
```bash
sudo update-ca-certificates
```
*For RHEL/CentOS, copy to `/etc/pki/ca-trust/source/anchors/` and run `update-ca-trust`.*
</Steps>
</Tabs.Tab>
</Tabs>
## Intermediate Certificates
Intermediate certificates are used to sign end-entity certificates (servers, clients). **Clients typically do not need to install these manually**, as servers should provide them during the handshake.
**For Server Administrators:**
To configure your web server (Nginx, Apache, IIS) with the full chain, please refer to the **[Web Server Configuration](/guide/integrations/web-servers)** guide.
**Manual Installation (If Required):**
If you must install them manually (e.g., for offline chain validation):
* **Windows**: Follow the Root CA guide, but choose **Intermediate Certification Authorities** as the certificate store.
* **macOS**: Add to **System** keychain.
* **Linux**: Place in the same CA directory as the Root.
| Certificate | Algorithm | Download |
| :--- | :--- | :--- |
| **TrustLab Intermediate CA** | RSA 4096 | **[Download (.crt)](https://cdn.trustlab.dyzulk.com/ca/trustlab-intermediate-ca-4096.crt)** |
| **TrustLab Intermediate CA** | RSA 2048 | **[Download (.crt)](https://cdn.trustlab.dyzulk.com/ca/trustlab-intermediate-ca-2048.crt)** |
Reference in New Issue View Git Blame Copy Permalink