blob: ed463d79176b11393299b98b4ecf380e932fe835 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
|
#!/bin/sh -x
user=$1
if [ "$user" == "" ]; then
home=$HOME
else
home=/home/$user
fi
echo HOME=$home
SRC_DIR=`cd ../.. ; pwd`
FIREFOX_DIR=$home/.mozilla/firefox
PROFILE=`grep Path= $FIREFOX_DIR/profiles.ini | awk -F= '{print $2}'`
CA_INSTANCE_NAME=ca-master
KRA_INSTANCE_NAME=kra-master
################################################################################
# Importing CA certificate
################################################################################
CA_CERT_NAME="caSigningCert cert-$CA_INSTANCE_NAME CA"
CA_CERT_DIR=/var/lib/pki/$CA_INSTANCE_NAME/alias
# export CA cert
certutil -L -d $CA_CERT_DIR -n "$CA_CERT_NAME" -a > $CA_CERT_DIR/ca.pem
AtoB $CA_CERT_DIR/ca.pem $CA_CERT_DIR/ca.crt
# import CA cert
certutil -A -d $FIREFOX_DIR/$PROFILE -n "$CA_CERT_NAME" -i $CA_CERT_DIR/ca.pem -t CT,C,C
################################################################################
# Importing server certificate
################################################################################
SERVER_CERT_NAME="Server-Cert cert-$CA_INSTANCE_NAME"
# export server cert
certutil -L -d $CA_CERT_DIR -n "$SERVER_CERT_NAME" -a > $CA_CERT_DIR/server.pem
AtoB $CA_CERT_DIR/server.pem $CA_CERT_DIR/server.crt
# import server cert
certutil -A -d $FIREFOX_DIR/$PROFILE -n "$SERVER_CERT_NAME" -i $CA_CERT_DIR/server.pem -t CT,C,C
################################################################################
# Importing CA admin certificate
################################################################################
CA_CERT_P12=$CA_CERT_DIR/ca_admin_cert.p12
# import CA admin cert
pk12util -i $CA_CERT_P12 -d $FIREFOX_DIR/$PROFILE -W Secret123
certutil -M -n caadmin -t u,u,u -d $FIREFOX_DIR/$PROFILE
################################################################################
# Importing KRA admin certificate
################################################################################
KRA_CERT_DIR=/var/lib/pki/$KRA_INSTANCE_NAME/alias
KRA_CERT_P12=$KRA_CERT_DIR/kra_admin_cert.p12
# import KRA admin cert
pk12util -i $KRA_CERT_P12 -d $FIREFOX_DIR/$PROFILE -W Secret123
certutil -M -n kraadmin -t u,u,u -d $FIREFOX_DIR/$PROFILE
|