Linux machine is showing certificate validation failed when it tries fetch updates
In SSL Interception, adding the CA certificate in Browser CA cache will make the browser to trust the certificate. In the case of Linux, the machine is also having a separate CA bundle and need to be updated if connection is expected to be intercepted. Follow the below steps to update the ca-bundle of linux machine.
Given a CA certificate file 'proxycert.crt', follow below steps for respective versions
sudo mkdir /usr/share/ca-certificates/proxysg
sudo cp proxycert.crt /usr/share/ca-certificates/proxysg/proxycert.crt
sudo dpkg-reconfigure ca-certificates
cp ca-bundle.crt ca-bundle.crt.bak
openssl x509 -text -in /path/to/proxycert.crt >> /etc/pki/tls/certs/ca-bundle.crt