Reset Certificate Storage

Hi I played around with my System Certificate Storage, and now I want to delete all 3rd party / custom root certificates at once and install only the default ones again.

I searched a while via Google, but I did only find commands for Debian and not Arch Manjaro.

Would love to receive some help here :slight_smile:

I’d like to follow along - but as I don’t know what you mean by that:
what did you “play around with”? Where is that … located?

What did you find?
At this level, all the distros are pretty much the same.

Here as well - need more concrete info.

I added those certificates with sudo trust anchor /path/to/the/root.crt sudo update-ca-trustto the system TLS / SSL - Certificate storage.

I found sudo update-ca-certificates -f, which wipes the certificate storage on Debian and reinstalls the system’s standard CA Certificates AFAIK.
This tool is not available for Manjaro in this form I think.

Thanks for checking out my topic @Nachlese :slight_smile:

I guess what I wanted to know - also for the benefit of others that might want to help and are able to - what is the underlying problem that you want to address / solve?
I’m still in the dark.

If I’m reading this right, the issue is that @cdr_chakotay managed to install some certificates that they don’t want to have around anymore.

I don’t think that there’s a single command to remove the certificates you added, but you can just delete the files and run sudo update-ca-trust. If you mess something up, you can run sudo pamac reinstall ca-certificates to get all the normal certificates back.

Or, if you want to live on the edge you could delete all the certificates and run sudo pamac reinstall ca-certificates to get the default ones back, which should work, provided you don’t reboot the computer between removing the certificates and reinstalling them.


Thank you :slight_smile: To delete all certificates I would delete /etc/ssl/certs/ca-certificates.crtI guess ?

To delete all certificates and then reinstall would be:

sudo rm -r /etc/ssl/certs/*
sudo pamac reinstall ca-certificates

However, emphasis on this: it may be a pain to recover if something goes wrong during this operation, or if my understanding of the ca-certificates package is wrong. Deleting just the certificates you don’t need would be my strong recommendation.

This topic was automatically closed 36 hours after the last reply. New replies are no longer allowed.