7 # update-ca-certificates
9 # Copyright (c) 2003 Fumitoshi UKAI <ukai@debian.or.jp>
10 # Copyright (c) 2009 Philipp Kern <pkern@debian.org>
12 # This program is free software; you can redistribute it and/or modify
13 # it under the terms of the GNU General Public License as published by
14 # the Free Software Foundation; either version 2 of the License, or
15 # (at your option) any later version.
17 # This program is distributed in the hope that it will be useful,
18 # but WITHOUT ANY WARRANTY; without even the implied warranty of
19 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
20 # GNU General Public License for more details.
22 # You should have received a copy of the GNU General Public License
23 # along with this program; if not, write to the Free Software
24 # Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02111-1301,
38 echo "$0: [--verbose]"
44 CERTSCONF=$DESTDIR/etc/ca-certificates.conf
45 CERTSCONFD=$DESTDIR/etc/ca-certificates.d
46 CERTSDIR=$DESTDIR/usr/share/ca-certificates
47 LOCALCERTSDIR=$DESTDIR/etc/certs
48 CERTBUNDLE=$DESTDIR/etc/certs/ca-certificates.crt
49 ETCCERTSDIR=$DESTDIR/etc/openssl/certs
52 KEYTOOL=$PWD/tmp-bin/keytool
56 # Adds a certificate to the list of trusted ones.
57 # Adds the certificate to the cacerts file
61 ALIAS="$(echo "$NAME" | sed -e 's/.\(crt|pem\)$//' -e 's/ /_/g' \
62 -e 's/[()]/=/g' -e 's/,/_/g')"
64 if [ "$verbose" = 1 ] ; then
65 echo " adding '$CERT' as '$ALIAS'"
67 if ! $KEYTOOL -noprompt -import -alias "$ALIAS" \
68 -keystore $KEYSTORE -storepass 'changeit' \
70 echo "W: $NAME certification could not be added"
76 for conf in $CERTSCONF $CERTSCONFD/*.conf; do
77 # skip inexistent files (matched by glob)
78 [ -f $conf ] || continue
80 sed -e '/^$/d' -e '/^#/d' -e '/^!/d' $conf | while read crt
82 if test -f "$CERTSDIR/$crt"
84 add "$CERTSDIR/$crt" "$crt"
85 elif test -f "$LOCALCERTSDIR/$crt"
87 add "$LOCALCERTSDIR/$crt" "$crt"
89 echo "W: $CERTSDIR/$crt or $LOCALCERTSDIR/$crt not found, but listed in $conf." >&2