logo

ca-certificates

Unnamed repository; edit this file 'description' to name the repository. git clone https://hacktivis.me/git/ca-certificates.git

make.sh (1480B)


  1. GET="wget -c --no-check-certificate"
  2. OPGP="gpg --auto-key-retrieve --verify"
  3. SRC_URI="https://hackint.org/crt/rootca.crt
  4. https://sks-keyservers.net/sks-keyservers.netCA.pem
  5. https://sks-keyservers.net/sks-keyservers.netCA.pem.asc
  6. https://www.immerda.ch/assets/certs/immer-ca.crt
  7. https://www.immerda.ch/assets/certs/immer-ca.crt.asc"
  8. VERIFICATIONS="openpgp-direct" # openpgp-fingerprint
  9. openpgp-direct() {
  10. for i in *.asc; do $OPGP ${i} || exit; done
  11. }
  12. openpgp-fingerprint() {
  13. echo 'Not yet done, anyway cacert.org uses broken crypto for this verification'
  14. exit
  15. }
  16. clean() {
  17. set -x
  18. rm -fr src/* ca-certificates.pem
  19. }
  20. install() {
  21. echo 'I don’t know how to install… there is no standard on that'
  22. echo " * OpenSSL/LibreSSL: put ca-certificates.pem or src/*.pem in /usr/local/share/ca-certificates and do update-ca-certificates"
  23. echo " * GnuPG: “hkp-cacert $(pwd)/src/sks-keyservers.netCA.pem” in ${GNUPGHOME:-$HOME/.gnupg}/dirmngr.conf"
  24. echo " * Mono (import): mozroots --import ca-certificates.pem"
  25. echo " * Mono (replace): mozroots --sync --file ca-certificates.pem"
  26. echo "For more see https://wiki.gentoo.org/wiki/Certificates"
  27. }
  28. main() {
  29. set -x
  30. mkdir src; cd src
  31. for i in $SRC_URI; do $GET ${i}; done
  32. wget -O rootca.crt.asc https://hackint.org/crt/sigs/combined.asc
  33. for i in $VERIFICATIONS; do ${i}; done
  34. cd ..
  35. cat src/*.crt src/*.pem > ca-certificates.pem
  36. }
  37. case "$1" in
  38. clean*)
  39. clean
  40. ;;
  41. install*)
  42. install
  43. ;;
  44. all*|*)
  45. main
  46. ;;
  47. esac