Dear Rocky community,

I am creating an initramfs and I need to install a CA cert in it. The reason is I need to download rootfs from an s3 bucket and the cert under the domain is self-signed.

I can copy the CA file through a module but I don't know how to reproduce the tasks done by the update-ca-trust command.

This is the module I am working on:

#!/bin/bash
# module-setup.sh for cacert

# called by dracut
check() {
    return 0
}

# called by dracut
depends() {
    echo network
    return 0
}

# called by dracut
install() {
    mkdir -p $initdir/etc/pki/ca-trust/source/anchors
    cp /root/certificate_authority.crt $initdir/etc/pki/ca-trust/source/anchors/
}

any advice on how to achieve this?

I am also open to other methods to get this working

thank yo uvery much