12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970 |
- #!/usr/bin/env bash
- set -o errexit
- bin/docker-compose exec -T -u root app mkcert -install
- docker cp "$(bin/docker-compose ps -q app|awk '{print $1}')":/root/.local/share/mkcert/rootCA.pem .
- echo "System password requested to install certificate authority on host..."
- if [ "$(uname)" == "Darwin" ]; then
- sudo security add-trusted-cert -d -r trustRoot -k /Library/Keychains/System.keychain rootCA.pem
-
- FFoxBin="/Applications/Firefox.app/Contents/MacOS/firefox-bin"
- if [ -f "$FFoxBin" ]; then
- echo "{\"policies\": {\"Certificates\": {\"ImportEnterpriseRoots\": true}}}" | sudo tee policies.json
-
- DistDirectory="/Applications/Firefox.app/Contents/Resources/distribution"
- if [ ! -d "$DistDirectory" ]; then
- sudo mkdir -p "$DistDirectory"
- fi
-
- sudo mv policies.json "$DistDirectory"/policies.json
-
- CertDirectory="/Library/Application Support/Mozilla/Certificates"
- if [ ! -d "$CertDirectory" ]; then
- sudo mkdir -p "$CertDirectory"
- fi
-
- sudo mv rootCA.pem "$CertDirectory"/rootCA.pem
- else
- sudo rm rootCA.pem
- fi
- else
-
- REQUIRED_PKG="libnss3-tools"
- PKG_OK=$(dpkg-query -W --showformat='${Status}\n' $REQUIRED_PKG|grep "install ok installed")
- echo Checking for $REQUIRED_PKG: "$PKG_OK"
- if [ "" = "$PKG_OK" ]; then
- echo "No $REQUIRED_PKG found. Setting up $REQUIRED_PKG."
- sudo apt-get --yes install $REQUIRED_PKG
- fi
-
- certfile="rootCA.pem"
- certname="Root CA"
-
- find ~/ -name "cert8.db" -print0 | while read -r certDB
- do
- certdir=$(dirname "${certDB}");
- certutil -D -n "${certname}" -i ${certfile} -d dbm:"${certdir}"
- certutil -A -n "${certname}" -t "TCu,Cu,Tu" -i ${certfile} -d dbm:"${certdir}"
- done
-
- find ~/ -name "cert9.db" -print0 | while read -r certDB
- do
- certdir=$(dirname "${certDB}");
- certutil -D -n "${certname}" -i ${certfile} -d sql:"${certdir}"
- certutil -A -n "${certname}" -t "TCu,Cu,Tu" -i ${certfile} -d sql:"${certdir}"
- done
- sudo mv rootCA.pem /usr/local/share/ca-certificates/rootCA.crt
- sudo update-ca-certificates
- fi
|