diff options
Diffstat (limited to 'scripts/firefox-certs-import.sh')
-rwxr-xr-x | scripts/firefox-certs-import.sh | 67 |
1 files changed, 67 insertions, 0 deletions
diff --git a/scripts/firefox-certs-import.sh b/scripts/firefox-certs-import.sh new file mode 100755 index 0000000..ed463d7 --- /dev/null +++ b/scripts/firefox-certs-import.sh @@ -0,0 +1,67 @@ +#!/bin/sh -x + +user=$1 + +if [ "$user" == "" ]; then + home=$HOME +else + home=/home/$user +fi + +echo HOME=$home + +SRC_DIR=`cd ../.. ; pwd` + +FIREFOX_DIR=$home/.mozilla/firefox +PROFILE=`grep Path= $FIREFOX_DIR/profiles.ini | awk -F= '{print $2}'` + +CA_INSTANCE_NAME=ca-master +KRA_INSTANCE_NAME=kra-master + +################################################################################ +# Importing CA certificate +################################################################################ + +CA_CERT_NAME="caSigningCert cert-$CA_INSTANCE_NAME CA" +CA_CERT_DIR=/var/lib/pki/$CA_INSTANCE_NAME/alias + +# export CA cert +certutil -L -d $CA_CERT_DIR -n "$CA_CERT_NAME" -a > $CA_CERT_DIR/ca.pem +AtoB $CA_CERT_DIR/ca.pem $CA_CERT_DIR/ca.crt + +# import CA cert +certutil -A -d $FIREFOX_DIR/$PROFILE -n "$CA_CERT_NAME" -i $CA_CERT_DIR/ca.pem -t CT,C,C + +################################################################################ +# Importing server certificate +################################################################################ + +SERVER_CERT_NAME="Server-Cert cert-$CA_INSTANCE_NAME" + +# export server cert +certutil -L -d $CA_CERT_DIR -n "$SERVER_CERT_NAME" -a > $CA_CERT_DIR/server.pem +AtoB $CA_CERT_DIR/server.pem $CA_CERT_DIR/server.crt + +# import server cert +certutil -A -d $FIREFOX_DIR/$PROFILE -n "$SERVER_CERT_NAME" -i $CA_CERT_DIR/server.pem -t CT,C,C + +################################################################################ +# Importing CA admin certificate +################################################################################ + +CA_CERT_P12=$CA_CERT_DIR/ca_admin_cert.p12 + +# import CA admin cert +pk12util -i $CA_CERT_P12 -d $FIREFOX_DIR/$PROFILE -W Secret123 +certutil -M -n caadmin -t u,u,u -d $FIREFOX_DIR/$PROFILE + +################################################################################ +# Importing KRA admin certificate +################################################################################ + +KRA_CERT_DIR=/var/lib/pki/$KRA_INSTANCE_NAME/alias +KRA_CERT_P12=$KRA_CERT_DIR/kra_admin_cert.p12 + +# import KRA admin cert +pk12util -i $KRA_CERT_P12 -d $FIREFOX_DIR/$PROFILE -W Secret123 +certutil -M -n kraadmin -t u,u,u -d $FIREFOX_DIR/$PROFILE |