Create cacerts.pem

The cacerts.pem file is a bundle of CA certs including the leaf, intermediate, and root certificates for your tenant. You can create the this bundle using a browser and a text editor. Note that any certificates shown in the procedure below are examples; your tenant might use different certificates.

  1. Open your tenant in the browser.
    For example 'https://tenant.my.centrify.net' in Firefox.
  2. Click on the browser's lock icon located to the left side of the URL.
  1. Click on the arrow > then More Information to view Security information.
  2. Click View Certificate.
  3. Click the Details tab in the Certificate Viewer to view the certificate hierarchy.

📘

Note

The following certificates are examples. Your tenant might use different certificates.

Certificate type

Certificate example

Leaf certificate

*.my.centrify.net

Note: The leaf certificate must match the portal FQDN. For example *.my.centrify.net for SaaS or the correct custom URL for the customer managed installation.

Intermediate certificate

DigiCert SHA2 Secure Server CA

Root certificate

DigiCert Global Root CA

  1. Select each certificate, then click Export... to save the files in .crt format.
  2. Open the leaf certificate in a text editor and save it as 'cacerts_.pem' in the root directory of the script, replacing '' with the name of your Centrify tenant.
    The root path of the script is where the CentrifyAWSCLI.py file exists.
  3. Open the intermediate certificate (For example: -centrifycom.crt), then copy the contents and paste it as text after the leaf certificate content in the 'cacerts_.pem' file.
  4. Open the root certificate, then copy the contents and paste it after the intermediate certificate content in the 'cacerts_.pem' file.
  5. The final 'cacerts_.pem' file should look similar to the following example.

📘

Remember

The following example contents of a 'cacerts_.pem' file is only an example. Your tenant might use different certificates.

-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgIQCCbJtjAZY/4iNAlHmzgY2zANBgkqhkiG9w0BAQsFADBN
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5E
aWdpQ2VydCBTSEEyIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMTcwOTI3MDAwMDAwWhcN
MjAxMDAxMTIwMDAwWjCBgDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3Ju
aWExFDASBgNVBAcTC1NhbnRhIENsYXJhMR0wGwYDVQQKExRDZW50cmlmeSBDb3Jw
b3JhdGlvbjELMAkGA1UECxMCSVQxGjAYBgNVBAMMESoubXkuY2VudHJpZnkuY29t
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3wK/EXv6pWWMrzrUOdlY
kClPoqo2sHzpe53O04G4SkAjRNusifYLrtAx681eQ8iaaeLRv1L4mDdeLQLpu4L1
a1Lf9lpDitKOlxr/fokof0Oc1mTf/954rN5f8yx2Mr05vo0RB34KMqLgsDLaL6cN
4IRlAKf3IdIIcwCCVxZHEmM3zwIs0gca25nOKoQI0TmJnBLDFCmDMsAN9n7n3seV
RPMQQpHrJ5YB273ce2LkEjEqe8bBXS/IZpZhIDRPXx/P1JXmlDej/Dmanc+KAxCm
5obHh02iw91sKA6L1QTdzrBNjnyl9j4SGLvCXS71JP4NAt40xbU7ArFIJE7F+Ocv
NQIDAQABo4IB6TCCAeUwHwYDVR0jBBgwFoAUD4BhHIIxYdUvKOeNRji0LOHG2eIw
HQYDVR0OBBYEFJetGQp+fk6Xy4jaQmnwCwzb/7TYMC0GA1UdEQQmMCSCESoubXku
Y2VudHJpZnkuY29tgg9teS5jZW50cmlmeS5jb20wDgYDVR0PAQH/BAQDAgWgMB0G
A1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBrBgNVHR8EZDBiMC+gLaArhilo
dHRwOi8vY3JsMy5kaWdpY2VydC5jb20vc3NjYS1zaGEyLWcxLmNybDAvoC2gK4Yp
aHR0cDovL2NybDQuZGlnaWNlcnQuY29tL3NzY2Etc2hhMi1nMS5jcmwwTAYDVR0g
BEUwQzA3BglghkgBhv1sAQEwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGln
aWNlcnQuY29tL0NQUzAIBgZngQwBAgIwfAYIKwYBBQUHAQEEcDBuMCQGCCsGAQUF
BzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wRgYIKwYBBQUHMAKGOmh0dHA6
Ly9jYWNlcnRzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydFNIQTJTZWN1cmVTZXJ2ZXJD
QS5jcnQwDAYDVR0TAQH/BAIwADANBgkqhkiG9w0BAQsFAAOCAQEAdbXIFWBv1wHw
liF3gh8+EDW6azegtTZz1mQy2JMq6Vv4cPKzzQaL7f9lulsH/WJKCNWlU6FAP9I6
fUPE+CimAXuPe9jNCIxBB2lK1pQvshX0kFD49RXetmHlIhBLCB6z3Tt1u2WML2h4
KCqrsesaKoP3s3ePiO/rFsICxwBZC69O0tN7K15TEub4j9Amd62Qqw5Hg8iUwGUn
l7+296n6z9bKxLt3vx+dIW1/sVfWplo8zlXWFqf2p2reWMvXDncDm3fHJ27qg+vS
RfvOwJo68ZrXEO4kFC8Axri/Xwvr853HGCgVOCAM8F78H8/nZ4k9gVd+FOnK0ECy
UHNRrnc8nw==
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIElDCCA3ygAwIBAgIQAf2j627KdciIQ4tyS8+8kTANBgkqhkiG9w0BAQsFADBh
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD
QTAeFw0xMzAzMDgxMjAwMDBaFw0yMzAzMDgxMjAwMDBaME0xCzAJBgNVBAYTAlVT
MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxJzAlBgNVBAMTHkRpZ2lDZXJ0IFNIQTIg
U2VjdXJlIFNlcnZlciBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
ANyuWJBNwcQwFZA1W248ghX1LFy949v/cUP6ZCWA1O4Yok3wZtAKc24RmDYXZK83
nf36QYSvx6+M/hpzTc8zl5CilodTgyu5pnVILR1WN3vaMTIa16yrBvSqXUu3R0bd
KpPDkC55gIDvEwRqFDu1m5K+wgdlTvza/P96rtxcflUxDOg5B6TXvi/TC2rSsd9f
/ld0Uzs1gN2ujkSYs58O09rg1/RrKatEp0tYhG2SS4HD2nOLEpdIkARFdRrdNzGX
kujNVA075ME/OV4uuPNcfhCOhkEAjUVmR7ChZc6gqikJTvOX6+guqw9ypzAO+sf0
/RR3w6RbKFfCs/mC/bdFWJsCAwEAAaOCAVowggFWMBIGA1UdEwEB/wQIMAYBAf8C
AQAwDgYDVR0PAQH/BAQDAgGGMDQGCCsGAQUFBwEBBCgwJjAkBggrBgEFBQcwAYYY
aHR0cDovL29jc3AuZGlnaWNlcnQuY29tMHsGA1UdHwR0MHIwN6A1oDOGMWh0dHA6
Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbFJvb3RDQS5jcmwwN6A1
oDOGMWh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbFJvb3RD
QS5jcmwwPQYDVR0gBDYwNDAyBgRVHSAAMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8v
d3d3LmRpZ2ljZXJ0LmNvbS9DUFMwHQYDVR0OBBYEFA+AYRyCMWHVLyjnjUY4tCzh
xtniMB8GA1UdIwQYMBaAFAPeUDVW0Uy7ZvCj4hsbw5eyPdFVMA0GCSqGSIb3DQEB
CwUAA4IBAQAjPt9L0jFCpbZ+QlwaRMxp0Wi0XUvgBCFsS+JtzLHgl4+mUwnNqipl
5TlPHoOlblyYoiQm5vuh7ZPHLgLGTUq/sELfeNqzqPlt/yGFUzZgTHbO7Djc1lGA
8MXW5dRNJ2Srm8c+cftIl7gzbckTB+6WohsYFfZcTEDts8Ls/3HB40f/1LkAtDdC
2iDJ6m6K7hQGrn2iWZiIqBtvLfTyyRRfJs8sjX7tN8Cp1Tm5gr8ZDOo0rwAhaPit
c+LJMto4JQtV05od8GiG7S5BNO98pVAdvzr508EIDObtHopYJeS4d60tbvVS3bR0
j6tJLp07kzQoH3jOlOrHvdPJbRzeXDLz
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIDrzCCApegAwIBAgIQCDvgVpBCRrGhdWrJWZHHSjANBgkqhkiG9w0BAQUFADBh
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD
QTAeFw0wNjExMTAwMDAwMDBaFw0zMTExMTAwMDAwMDBaMGExCzAJBgNVBAYTAlVT
MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5j
b20xIDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IENBMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4jvhEXLeqKTTo1eqUKKPC3eQyaKl7hLOllsB
CSDMAZOnTjC3U/dDxGkAV53ijSLdhwZAAIEJzs4bg7/fzTtxRuLWZscFs3YnFo97
nh6Vfe63SKMI2tavegw5BmV/Sl0fvBf4q77uKNd0f3p4mVmFaG5cIzJLv07A6Fpt
43C/dxC//AH2hdmoRBBYMql1GNXRor5H4idq9Joz+EkIYIvUX7Q6hL+hqkpMfT7P
T19sdl6gSzeRntwi5m3OFBqOasv+zbMUZBfHWymeMr/y7vrTC0LUq7dBMtoM1O/4
gdW7jVg/tRvoSSiicNoxBN33shbyTApOB6jtSj1etX+jkMOvJwIDAQABo2MwYTAO
BgNVHQ8BAf8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUA95QNVbR
TLtm8KPiGxvDl7I90VUwHwYDVR0jBBgwFoAUA95QNVbRTLtm8KPiGxvDl7I90VUw
DQYJKoZIhvcNAQEFBQADggEBAMucN6pIExIK+t1EnE9SsPTfrgT1eXkIoyQY/Esr
hMAtudXH/vTBH1jLuG2cenTnmCmrEbXjcKChzUyImZOMkXDiqw8cvpOp/2PV5Adg
06O/nVsJ8dWO41P0jmP6P6fbtGbfYmbW0W5BjfIttep3Sp+dWOIrWcBAI+0tKIJF
PnlUkiaY4IBIqDfv8NZ5YBberOgOzW6sRBc4L0na4UU+Krk2U886UAb3LujEV0ls
YSEY1QSteDwsOoBrp+uvFRTp2InBuThs4pFsiv9kuXclVzDAGySj4dzp30d8tbQk
CAUw7C29C79Fv1C5qfPrmAESrciIxpg0X40KPMbp1ZWVbd4=
-----END CERTIFICATE-----