How does one install a custom CA certificate on CentOS?
As of CentOS 6+, there is a tool for this. Per this guide, certificates can be installed first by enabling the system shared CA store:
update-ca-trust enable
Then placing the certificates to trust as CA's in /etc/pki/ca-trust/source/anchors/
for high priority (non-overridable), or /usr/share/pki/ca-trust-source/
(lower priority, overridable), and finally updating the system store with:
update-ca-trust extract
Et voila, system tools will now trust those certificates when making secure connections!