diff options
Diffstat (limited to 'scripts/firefox-certs-import.sh')
-rwxr-xr-x | scripts/firefox-certs-import.sh | 58 |
1 files changed, 46 insertions, 12 deletions
diff --git a/scripts/firefox-certs-import.sh b/scripts/firefox-certs-import.sh index af25540..0ea1984 100755 --- a/scripts/firefox-certs-import.sh +++ b/scripts/firefox-certs-import.sh @@ -1,22 +1,56 @@ #!/bin/sh -x -. ./ca-include.sh +user=$1 + +if [ "$user" == "" ]; then + home=$HOME +else + home=/home/$user +fi + +echo HOME=$home SRC_DIR=`cd ../.. ; pwd` -INSTANCE_NAME=pki-master +CERTS=$SRC_DIR/certs -FIREFOX_DIR=~/.mozilla/firefox +FIREFOX_DIR=$home/.mozilla/firefox PROFILE=`grep Path= $FIREFOX_DIR/profiles.ini | awk -F= '{print $2}'` -CLIENT_CERT_DIR=$SRC_DIR/certs/$INSTANCE_NAME -CLIENT_CERT_PASSWORD=$CLIENT_CERT_DIR/password.txt -CLIENT_CERT_PK12=$CLIENT_CERT_DIR/admin.p12 +CA_INSTANCE_NAME=ca-master +KRA_INSTANCE_NAME=kra-master + +################################################################################ +# Importing CA certificate +################################################################################ + +CA_CERT_NAME="caSigningCert cert-$CA_INSTANCE_NAME" +CA_CERT_DIR=/var/lib/pki/$CA_INSTANCE_NAME/alias + +# export CA cert +certutil -L -d $CA_CERT_DIR -n "$CA_CERT_NAME" -a > $CERTS/ca.pem +AtoB $CERTS/ca.pem $CERTS/ca.crt + +# import CA cert +certutil -A -d $FIREFOX_DIR/$PROFILE -n "$CA_CERT_NAME" -i $CERTS/ca.pem -t CT,C,C + +################################################################################ +# Importing CA admin certificate +################################################################################ + +CA_CERT_DIR=/var/lib/pki/$CA_INSTANCE_NAME/alias +CA_CERT_P12=$CA_CERT_DIR/ca_admin_cert.p12 + +# import CA admin cert +pk12util -i $CA_CERT_P12 -d $FIREFOX_DIR/$PROFILE -W Secret123 +certutil -M -n caadmin -t u,u,u -d $FIREFOX_DIR/$PROFILE -echo $PASSWORD > $CLIENT_CERT_PASSWORD -PKCS12Export -d "$CLIENT_CERT_DIR" -o "$CLIENT_CERT_PK12" -p "$CLIENT_CERT_PASSWORD" -w "$CLIENT_CERT_PASSWORD" +################################################################################ +# Importing KRA admin certificate +################################################################################ -pk12util -i $CLIENT_CERT_PK12 -d $FIREFOX_DIR/$PROFILE -w $CLIENT_CERT_PASSWORD -certutil -M -n admin -t u,u,u -d $FIREFOX_DIR/$PROFILE +KRA_CERT_DIR=/var/lib/pki/$KRA_INSTANCE_NAME/alias +KRA_CERT_P12=$KRA_CERT_DIR/kra_admin_cert.p12 -#pk12util -i $SRC_DIR/pki-dev/certs/kra/kra-client-certs.p12 -d $FIREFOX_DIR/$PROFILE -W Secret123 -#certutil -M -n kraadmin -t u,u,u -d $FIREFOX_DIR/$PROFILE +# import KRA admin cert +pk12util -i $KRA_CERT_P12 -d $FIREFOX_DIR/$PROFILE -W Secret123 +certutil -M -n kraadmin -t u,u,u -d $FIREFOX_DIR/$PROFILE |