logo

ca-certificates

Unnamed repository; edit this file 'description' to name the repository. git clone https://hacktivis.me/git/ca-certificates.git

make.sh (1480B)

    

  1. GET="wget -c --no-check-certificate"

  2. OPGP="gpg --auto-key-retrieve --verify"

  3. SRC_URI="https://hackint.org/crt/rootca.crt

  4. https://sks-keyservers.net/sks-keyservers.netCA.pem

  5. https://sks-keyservers.net/sks-keyservers.netCA.pem.asc

  6. https://www.immerda.ch/assets/certs/immer-ca.crt

  7. https://www.immerda.ch/assets/certs/immer-ca.crt.asc"

  8. 

  9. VERIFICATIONS="openpgp-direct" # openpgp-fingerprint

  10. 

  11. openpgp-direct() {

  12. 	for i in *.asc; do $OPGP ${i} || exit; done

  13. }

  14. openpgp-fingerprint() {

  15. 	echo 'Not yet done, anyway cacert.org uses broken crypto for this verification'

  16. 	exit

  17. }

  18. 

  19. clean() {

  20. 	set -x

  21. 	rm -fr src/* ca-certificates.pem

  22. }

  23. 

  24. install() {

  25. 	echo 'I don’t know how to install… there is no standard on that'

  26. 	echo " * OpenSSL/LibreSSL: put ca-certificates.pem or src/*.pem in /usr/local/share/ca-certificates and do update-ca-certificates"

  27. 	echo " * GnuPG: “hkp-cacert $(pwd)/src/sks-keyservers.netCA.pem” in ${GNUPGHOME:-$HOME/.gnupg}/dirmngr.conf"

  28. 	echo " * Mono (import): mozroots --import ca-certificates.pem"

  29. 	echo " * Mono (replace): mozroots --sync --file ca-certificates.pem"

  30. 	echo "For more see https://wiki.gentoo.org/wiki/Certificates"

  31. }

  32. 

  33. main() {

  34. 	set -x

  35. 

  36. 	mkdir src; cd src

  37. 	

  38. 	for i in $SRC_URI; do $GET ${i}; done

  39. 	wget -O rootca.crt.asc https://hackint.org/crt/sigs/combined.asc

  40. 	for i in $VERIFICATIONS; do ${i}; done

  41. 	

  42. 	cd ..

  43. 	

  44. 	cat src/*.crt src/*.pem > ca-certificates.pem

  45. }

  46. 

  47. case "$1" in

  48. 	clean*)

  49. 		clean

  50. 	;;

  51. 	install*)

  52. 		install

  53. 	;;

  54. 	all*|*)

  55. 		main

  56. 	;;

  57. esac