summaryrefslogtreecommitdiffstats
path: root/scripts/firefox-certs-import.sh
diff options
context:
space:
mode:
Diffstat (limited to 'scripts/firefox-certs-import.sh')
-rwxr-xr-xscripts/firefox-certs-import.sh58
1 files changed, 46 insertions, 12 deletions
diff --git a/scripts/firefox-certs-import.sh b/scripts/firefox-certs-import.sh
index af25540..0ea1984 100755
--- a/scripts/firefox-certs-import.sh
+++ b/scripts/firefox-certs-import.sh
@@ -1,22 +1,56 @@
#!/bin/sh -x
-. ./ca-include.sh
+user=$1
+
+if [ "$user" == "" ]; then
+ home=$HOME
+else
+ home=/home/$user
+fi
+
+echo HOME=$home
SRC_DIR=`cd ../.. ; pwd`
-INSTANCE_NAME=pki-master
+CERTS=$SRC_DIR/certs
-FIREFOX_DIR=~/.mozilla/firefox
+FIREFOX_DIR=$home/.mozilla/firefox
PROFILE=`grep Path= $FIREFOX_DIR/profiles.ini | awk -F= '{print $2}'`
-CLIENT_CERT_DIR=$SRC_DIR/certs/$INSTANCE_NAME
-CLIENT_CERT_PASSWORD=$CLIENT_CERT_DIR/password.txt
-CLIENT_CERT_PK12=$CLIENT_CERT_DIR/admin.p12
+CA_INSTANCE_NAME=ca-master
+KRA_INSTANCE_NAME=kra-master
+
+################################################################################
+# Importing CA certificate
+################################################################################
+
+CA_CERT_NAME="caSigningCert cert-$CA_INSTANCE_NAME"
+CA_CERT_DIR=/var/lib/pki/$CA_INSTANCE_NAME/alias
+
+# export CA cert
+certutil -L -d $CA_CERT_DIR -n "$CA_CERT_NAME" -a > $CERTS/ca.pem
+AtoB $CERTS/ca.pem $CERTS/ca.crt
+
+# import CA cert
+certutil -A -d $FIREFOX_DIR/$PROFILE -n "$CA_CERT_NAME" -i $CERTS/ca.pem -t CT,C,C
+
+################################################################################
+# Importing CA admin certificate
+################################################################################
+
+CA_CERT_DIR=/var/lib/pki/$CA_INSTANCE_NAME/alias
+CA_CERT_P12=$CA_CERT_DIR/ca_admin_cert.p12
+
+# import CA admin cert
+pk12util -i $CA_CERT_P12 -d $FIREFOX_DIR/$PROFILE -W Secret123
+certutil -M -n caadmin -t u,u,u -d $FIREFOX_DIR/$PROFILE
-echo $PASSWORD > $CLIENT_CERT_PASSWORD
-PKCS12Export -d "$CLIENT_CERT_DIR" -o "$CLIENT_CERT_PK12" -p "$CLIENT_CERT_PASSWORD" -w "$CLIENT_CERT_PASSWORD"
+################################################################################
+# Importing KRA admin certificate
+################################################################################
-pk12util -i $CLIENT_CERT_PK12 -d $FIREFOX_DIR/$PROFILE -w $CLIENT_CERT_PASSWORD
-certutil -M -n admin -t u,u,u -d $FIREFOX_DIR/$PROFILE
+KRA_CERT_DIR=/var/lib/pki/$KRA_INSTANCE_NAME/alias
+KRA_CERT_P12=$KRA_CERT_DIR/kra_admin_cert.p12
-#pk12util -i $SRC_DIR/pki-dev/certs/kra/kra-client-certs.p12 -d $FIREFOX_DIR/$PROFILE -W Secret123
-#certutil -M -n kraadmin -t u,u,u -d $FIREFOX_DIR/$PROFILE
+# import KRA admin cert
+pk12util -i $KRA_CERT_P12 -d $FIREFOX_DIR/$PROFILE -W Secret123
+certutil -M -n kraadmin -t u,u,u -d $FIREFOX_DIR/$PROFILE
generated by cgit (git 2.34.1) at 2024-06-06 23:56:51 +0000