mirror of https://codeberg.org/kiss-community/repo synced 2024-07-15 20:32:26 +00:00
repo/core/ca-certificates/build
2019-08-27 09:25:37 +00:00


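#!/bin/sh -e
#
# Build script for the ca-certificates package: converts Mozilla's
# certdata.txt into one PEM file per certificate and stages the result,
# together with update-ca-certificates, under the destination root in $1.
#
# Versioning: certdata.txt carries no upstream release version, so the
# package version is apparently tied to a commit (left open by the author).
#
# Source: https://hg.mozilla.org/mozilla-central/file/tip/security/nss/lib/ckfw/builtins/certdata.txt
# NOTE(review): ".../tip/..." is a moving target. Everything installed here
# becomes a system trust anchor, so certdata.txt should be fetched from a
# pinned revision and checksummed before this script runs. That step is not
# visible in this file; confirm it in the package's source/checksum metadata.

# Options on the shebang line are dropped when the script is started as
# `sh build`, so enable exit-on-error explicitly as well.
set -e

# Refuse to run without a destination root: with an empty $1 every path
# below would resolve against the live filesystem (/usr, /etc).
dest=${1:?usage: build <destdir>}

# Labels of certdata.txt entries that must not end up in the trust store
# (explicitly distrusted or mis-issued CAs).
# NOTE(review): presumably certdata2pem reads blacklist.txt from the current
# directory and skips these labels; verify against certdata2pem.c, because
# if it does not, the distrusted entries are not filtered by this script.
# The delimiter is quoted so the list is written literally, with no expansion.
cat > blacklist.txt <<'EOF'
"Distrust: O=Egypt Trust, OU=VeriSign Trust Network (cert 1/3)"
"Distrust: O=Egypt Trust, OU=VeriSign Trust Network (cert 2/3)"
"Distrust: O=Egypt Trust, OU=VeriSign Trust Network (cert 3/3)"
"Explicitly Distrust DigiNotar Root CA"
"Explicitly Distrusted DigiNotar PKIoverheid G2"
"MITM subCA 1 issued by Trustwave"
"MITM subCA 2 issued by Trustwave"
"TURKTRUST Mis-issued Intermediate CA 1"
"TURKTRUST Mis-issued Intermediate CA 2"
EOF

# Build the converter and run it; it is expected to emit *.crt files into
# the current directory (the install step below fails if none exist).
gcc certdata2pem.c -o certdata2pem
./certdata2pem certdata.txt

install -m0755 -d "$dest/usr/share/ca-certificates/mozilla"
install -m0755 -d "$dest/usr/bin"
install -m0755 -d "$dest/etc/ssl/certs"

# Set modes explicitly instead of inheriting the builder's umask: a
# restrictive umask would otherwise ship certificates that unprivileged
# processes cannot read, or a helper that is not executable.
install -m0644 ./*.crt "$dest/usr/share/ca-certificates/mozilla"
install -m0755 update-ca-certificates "$dest/usr/bin"

# Write the list of shipped certificates, as paths relative to
# /usr/share/ca-certificates (cut strips the leading "./").
# The redirection is opened before the subshell changes directory, so a
# relative $1 still works; LC_ALL=C keeps the order stable across locales.
(
  cd "$dest/usr/share/ca-certificates"
  find . -name '*.crt' | LC_ALL=C sort | cut -b3-
) > "$dest/etc/ca-certificates.conf"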