1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
|
#!/bin/bash -e
#
# Inserts all local *.crt to user's browsers (webkit (chromium, ..) & mozilla (firefox, ..)) cert db's as trusted
#
# Comes handy when testing SSL with self-signed and such. May also be
# useful on a normal production system if you keep (self signed, your
# privately CA) certs in /usr/local/share/ca-certificates/.
#
# Note that these browsers do not use (Debian's) system default cert database (ca-certificates), else this tool would not be needed.
#
# Depends: libnss3-tools
# See Also: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926388
main()
{
local pkiDir="${HOME}/.pki" trust="C,,"
[ "${MBD_CODENAME}" != "buster" ] || trust="P,,"
local c
for c in /usr/local/share/ca-certificates/*.crt; do
if [ -e "${pkiDir}/nssdb" ]; then
printf "I: [webkit] Adding %s to %s...\n" "${c}" "${pkiDir}"
certutil -d sql:${pkiDir}/nssdb -A -t "${trust}" -n"$(basename ${c} .pem)" -i "${c}" || read -p "[chromium] FYI: ${pkiDir} seems broke [RET]" DUMMY
fi
local certDB
for certDB in $(find ${HOME}/.mozilla/ -name "cert*.db"); do
printf "I: [mozilla] Adding %s to %s...\n" "${c}" "${certDB}"
certutil -d $(dirname "${certDB}") -A -t "${trust}" -n"$(basename ${c} .pem)" -i "${c}"|| read -p "[firefox] FYI: ${certDB} seems broke [RET]" DUMMY
done
done
}
main
|
