Linux and Dell Technologies CA

Please note that the following instructions were written for Oracle Enterprise Linux 8.4; specific filepaths and commands may vary slightly between Linux distros.

The default ca-bundle.crt will usually lack the Dell Technologies Root CA and issuing certs. Here you can download a pem file that will need to be appended to the appropiate ca-bundle file.

This is only required if applications depending on OpenSSL are failing TLS validation of sites using Dell Technologies CA issued certs.

A Linux SE must do the following as root:

  1. Retrieve the Dell Technologies Internal CA 2018 Root Certificate as well as the issuing CA certificates:
    cd /etc/pki/ca-trust/source/anchors

    #root CA
    curl http://aia.dell.com/int/root/Dell%20Technologies%20Root%20Certificate%20Authority%202018.crt | openssl x509 -inform pem -out dellroot2018.pem
    #2018 SubCAs
    curl http://aia.dell.com/int/issuing/Dell%20Technologies%20Issuing%20CA%20101.crt | openssl x509 -inform pem -out dell2018iss101_2018.pem
    curl http://aia.dell.com/int/issuing/Dell%20Technologies%20Issuing%20CA%20301.crt | openssl x509 -inform pem -out dell2018iss301_2018.pem
    curl http://aia.dell.com/int/issuing/Dell%20Technologies%20Issuing%20CA%20102.crt | openssl x509 -inform pem -out dell2018iss102_2018.pem
    curl http://aia.dell.com/int/issuing/Dell%20Technologies%20Issuing%20CA%20302.crt | openssl x509 -inform pem -out dell2018iss302_2018.pem
    #2021 SubCAs
    curl http://aia.dell.com/int/issuing/Dell%20Technologies%20Issuing%20CA%20103.crt | openssl x509 -inform pem -out dell2018iss103_2021.pem
    curl http://aia.dell.com/int/issuing/Dell%20Technologies%20Issuing%20CA%20303.crt | openssl x509 -inform pem -out dell2018iss303_2021.pem
    #2023 SubCAs
    curl http://aia.dell.com/int/issuing/Dell%20Technologies%20Issuing%20CA%20101%281%29.crt | openssl x509 -inform pem -out dell2018iss101_2023.pem
    curl http://aia.dell.com/int/issuing/Dell%20Technologies%20Issuing%20CA%20301%281%29.crt | openssl x509 -inform pem -out dell2018iss301_2023.pem
    curl http://aia.dell.com/int/issuing/Dell%20Technologies%20Issuing%20CA%20102%281%29.crt | openssl x509 -inform pem -out dell2018iss102_2023.pem
    curl http://aia.dell.com/int/issuing/Dell%20Technologies%20Issuing%20CA%20302%281%29.crt | openssl x509 -inform pem -out dell2018iss302_2023.pem
    curl http://aia.dell.com/int/issuing/Dell%20Technologies%20Issuing%20CA%20104.crt | openssl x509 -inform pem -out dell2018iss103_2023.pem
    curl http://aia.dell.com/int/issuing/Dell%20Technologies%20Issuing%20CA%20304.crt | openssl x509 -inform pem -out dell2018iss304_2023.pem

  2. Run "upgrade-ca-trust" to append all CA certs under /etc/pki/ca-trust/source/anchors to the system CA bundle

  3. Run "grep "Dell Technologies Root Certificate Authority" /etc/pki/tls/certs/ca-bundle.crt" to verify successful import.

Dell Technologies 2018 CA bundle