From cd8f2f768b0e4beb8975c105fc7851d1a8beed16 Mon Sep 17 00:00:00 2001
From: Endi Sukma Dewata <edewata@redhat.com>
Date: Fri, 30 Nov 2012 01:36:03 -0500
Subject: Update Firefox scripts.

---
 scripts/firefox-certs-import.sh | 76 +++++++++++++++++++++++++++++------------
 1 file changed, 54 insertions(+), 22 deletions(-)

(limited to 'scripts/firefox-certs-import.sh')

diff --git a/scripts/firefox-certs-import.sh b/scripts/firefox-certs-import.sh
index 94504e0..4e5a89b 100755
--- a/scripts/firefox-certs-import.sh
+++ b/scripts/firefox-certs-import.sh
@@ -1,4 +1,4 @@
-#!/bin/sh -x
+#!/bin/sh
 
 user=$1
 
@@ -17,47 +17,48 @@ PROFILE=`grep Path= $FIREFOX_DIR/profiles.ini | awk -F= '{print $2}'`
 
 CA_INSTANCE_NAME=ca-master
 KRA_INSTANCE_NAME=kra-master
-
-CERTS=/var/lib/pki/$CA_INSTANCE_NAME/ca/certs
+OCSP_INSTANCE_NAME=ocsp-master
+TKS_INSTANCE_NAME=tks-master
 
 ################################################################################
 # Importing CA certificate
 ################################################################################
 
-CA_CERT_NAME="caSigningCert cert-$CA_INSTANCE_NAME"
+CA_CERT_NAME="caSigningCert cert-$CA_INSTANCE_NAME CA"
 CA_CERT_DIR=/var/lib/pki/$CA_INSTANCE_NAME/alias
 
-# export CA cert
-certutil -L -d $CA_CERT_DIR -n "$CA_CERT_NAME" -a > $CERTS/ca.pem
-AtoB $CERTS/ca.pem $CERTS/ca.crt
+echo Exporting CA certificate...
+certutil -L -d $CA_CERT_DIR -n "$CA_CERT_NAME" -a > $CA_CERT_DIR/ca.pem
+AtoB $CA_CERT_DIR/ca.pem $CA_CERT_DIR/ca.crt
 
-# import CA cert
-certutil -A -d $FIREFOX_DIR/$PROFILE -n "$CA_CERT_NAME" -i $CERTS/ca.pem -t CT,C,C
+echo Importing CA certificate...
+certutil -A -d $FIREFOX_DIR/$PROFILE -n "$CA_CERT_NAME" -i $CA_CERT_DIR/ca.pem -t CT,C,C
 
 ################################################################################
 # Importing server certificate
 ################################################################################
 
 SERVER_CERT_NAME="Server-Cert cert-$CA_INSTANCE_NAME"
-SERVER_CERT_DIR=/var/lib/pki/$CA_INSTANCE_NAME/alias
 
-# export server cert
-certutil -L -d $CA_CERT_DIR -n "$SERVER_CERT_NAME" -a > $CERTS/server.pem
-AtoB $CERTS/server.pem $CERTS/server.crt
+echo Exporting server certificate...
+certutil -L -d $CA_CERT_DIR -n "$SERVER_CERT_NAME" -a > $CA_CERT_DIR/server.pem
+AtoB $CA_CERT_DIR/server.pem $CA_CERT_DIR/server.crt
 
-# import server cert
-certutil -A -d $FIREFOX_DIR/$PROFILE -n "$SERVER_CERT_NAME" -i $CERTS/server.pem -t CT,C,C
+echo Importing server certificate...
+certutil -A -d $FIREFOX_DIR/$PROFILE -n "$SERVER_CERT_NAME" -i $CA_CERT_DIR/server.pem -t CT,C,C
 
 ################################################################################
 # Importing CA admin certificate
 ################################################################################
 
-CA_CERT_DIR=/var/lib/pki/$CA_INSTANCE_NAME/alias
 CA_CERT_P12=$CA_CERT_DIR/ca_admin_cert.p12
 
-# import CA admin cert
-pk12util -i $CA_CERT_P12 -d $FIREFOX_DIR/$PROFILE -W Secret123
-certutil -M -n caadmin -t u,u,u -d $FIREFOX_DIR/$PROFILE
+if [ -e $CA_CERT_P12 ]
+then
+    echo Importing CA admin certificate...
+    pk12util -i $CA_CERT_P12 -d $FIREFOX_DIR/$PROFILE -W Secret123
+    certutil -M -n caadmin -t u,u,u -d $FIREFOX_DIR/$PROFILE
+fi
 
 ################################################################################
 # Importing KRA admin certificate
@@ -66,6 +67,37 @@ certutil -M -n caadmin -t u,u,u -d $FIREFOX_DIR/$PROFILE
 KRA_CERT_DIR=/var/lib/pki/$KRA_INSTANCE_NAME/alias
 KRA_CERT_P12=$KRA_CERT_DIR/kra_admin_cert.p12
 
-# import KRA admin cert
-pk12util -i $KRA_CERT_P12 -d $FIREFOX_DIR/$PROFILE -W Secret123
-certutil -M -n kraadmin -t u,u,u -d $FIREFOX_DIR/$PROFILE
+if [ -e $KRA_CERT_P12 ]
+then
+    echo Importing KRA admin certificate...
+    pk12util -i $KRA_CERT_P12 -d $FIREFOX_DIR/$PROFILE -W Secret123
+    certutil -M -n kraadmin -t u,u,u -d $FIREFOX_DIR/$PROFILE
+fi
+
+################################################################################
+# Importing OCSP admin certificate
+################################################################################
+
+OCSP_CERT_DIR=/var/lib/pki/$OCSP_INSTANCE_NAME/alias
+OCSP_CERT_P12=$OCSP_CERT_DIR/ocsp_admin_cert.p12
+
+if [ -e $OCSP_CERT_P12 ]
+then
+    echo Importing OCSP admin certificate...
+    pk12util -i $OCSP_CERT_P12 -d $FIREFOX_DIR/$PROFILE -W Secret123
+    certutil -M -n ocspadmin -t u,u,u -d $FIREFOX_DIR/$PROFILE
+fi
+
+################################################################################
+# Importing TKS admin certificate
+################################################################################
+
+TKS_CERT_DIR=/var/lib/pki/$TKS_INSTANCE_NAME/alias
+TKS_CERT_P12=$TKS_CERT_DIR/tks_admin_cert.p12
+
+if [ -e $TKS_CERT_P12 ]
+then
+    echo Importing TKS admin certificate...
+    pk12util -i $TKS_CERT_P12 -d $FIREFOX_DIR/$PROFILE -W Secret123
+    certutil -M -n tksadmin -t u,u,u -d $FIREFOX_DIR/$PROFILE
+fi
-- 
cgit