ssl, https: untrusted certificate

When faced with an untrusted certificate (warning, error, etc.), the general rule is:

1. copy public certs of CAs that should be trusted to /etc/pki/trust/anchors
2. execute “update-ca-certificates”