How to generate the certificate files for jseccmd | Thales IoT Developer Community

We are having trouble adding root certificates that will work when the certificate verification is on. In other forum posts, it was mentioned to export the certificates from the browser. 

We tried that and it did not work. 

What would be a repeatable process for aquirinig root certificates in the right format? 

We observed that an exported certificate from Chrome on Windows is different that one from Chromium on Ubuntu (from the same website, both using .der binary format). 

Also, could you upload a certificate that is working?

This is what we tried:

$ wget https://www.geotrust.com/resources/root_certificates/certificates/GeoTru...     

$ openssl x509 -in GeoTrust_Primary_CA.pem -out cert.der -outform DER

$ java -jar jseccmd.jar -cmd AddHttpsCertificateUntrusted -filename ./cert.der > AddHttpsCertificateUntrusted-geotrust-root-openssl-from-pem.bin

# Load the file onto the Modem

ati1
Cinterion
ELS61-E
REVISION 01.000
A-REVISION 00.014.00

AT^SJMSEC?
^SJMSEC: 1,1,1,0

# Lodad certificate

AT^SJMSEC=file,certs/AddHttpsCertificateUntrusted-geotrust-root-openssl-from-pem.bin

# Restarted modem. 

# Tried to open https://google.com

ATE1
AT^SICS=0,"conType","GPRS0"
AT^SICS=0,"apn","internet.t-mobile"
AT^SICS=0,"user","Telekom"
AT^SICS=0,"passwd","TM"
AT^SICS=0,"inactTO","60"
AT^SICS=0,"dns1","0.0.0.0"       
AT^SISS=3,"srvType","Http"
AT^SISS=3,"conId",0
AT^SISS=3,"cmd","get"
AT^SISS=3,"address","https://google.com"
AT^SISO=3
OK

^SIS: 3,0,2200,"Http google.com:443"

^SIS: 3,0,200,"error in sendRequest Certificate failed verification"