Allow definition of configuratino file and install default configuration file.
This commit is contained in:
parent
b8603c3856
commit
a3a5711466
@ -4,6 +4,7 @@
|
||||
all bundles in same location
|
||||
- Perform system installation of update service files
|
||||
- Separate installation step for other consumers
|
||||
- Install default configuration file
|
||||
0.9 - Use P11-Kit trust module to generate alternate certificate stores
|
||||
from trust policy
|
||||
- Only generate the trust store (and optionally NSSDB and Java PKCS#12)
|
||||
|
11
Makefile
11
Makefile
@ -1,5 +1,6 @@
|
||||
MANDIR=/usr/share/man
|
||||
SBINDIR=/usr/sbin
|
||||
ETCDIR=/etc
|
||||
|
||||
all: make_ca man
|
||||
|
||||
@ -19,10 +20,10 @@ clean_man:
|
||||
rm -f make-ca.8
|
||||
chmod 0644 help2man
|
||||
|
||||
install: all install_bin install_man install_systemd
|
||||
install: all install_bin install_man install_systemd install_conf
|
||||
|
||||
install_bin:
|
||||
/usr/bin/install -vdm755 $(DESTDIR)$(SBINDIR)
|
||||
install -vdm755 $(DESTDIR)$(SBINDIR)
|
||||
install -vm755 make-ca $(DESTDIR)$(SBINDIR)
|
||||
|
||||
install_systemd:
|
||||
@ -35,9 +36,13 @@ install_systemd:
|
||||
fi
|
||||
|
||||
install_man:
|
||||
/usr/bin/install -vdm755 $(DESTDIR)$(MANDIR)/man8
|
||||
install -vdm755 $(DESTDIR)$(MANDIR)/man8
|
||||
install -vm644 make-ca.8 $(DESTDIR)$(MANDIR)/man8
|
||||
|
||||
install_conf:
|
||||
install -vdm755 $(DESTDIR)$(ETCDIR)
|
||||
install -vm644 make-ca.conf.dist $(DESTDIR)$(ETCDIR)
|
||||
|
||||
uninstall:
|
||||
rm -f $(DESTDIR)$(SBINDIR)/make-ca
|
||||
rm -f $(DESTDIR)$(MANDIR)/man8/make-ca.8
|
||||
|
17
make-ca
17
make-ca
@ -7,12 +7,14 @@
|
||||
#
|
||||
# Authors: DJ Lucas
|
||||
# Bruce Dubbs
|
||||
# Graham Weldon
|
||||
|
||||
VERSION="1.0"
|
||||
${MAKE_CA_CONF:="/etc/make-ca.conf"}
|
||||
|
||||
# Get/set defaults
|
||||
if test -f /etc/make-ca.conf; then
|
||||
. /etc/make-ca.conf
|
||||
if test -f "${MAKE_CA_CONF}"; then
|
||||
. "${MAKE_CA_CONF}"
|
||||
else
|
||||
CERTDATA="certdata.txt"
|
||||
PKIDIR="/etc/pki"
|
||||
@ -34,17 +36,6 @@ else
|
||||
URL="https://hg.mozilla.org/releases/mozilla-release/raw-file/default/security/nss/lib/ckfw/builtins/certdata.txt"
|
||||
fi
|
||||
|
||||
# Source must be downloaded over https
|
||||
# Valid urls for download are below
|
||||
# Defualt to NSS release brach
|
||||
|
||||
# https://hg.mozilla.org/releases/mozilla-release/raw-file/default/security/nss/lib/ckfw/builtins/certdata.txt
|
||||
# https://hg.mozilla.org/projects/nss/raw-file/tip/lib/ckfw/builtins/certdata.txt
|
||||
# https://hg.mozilla.org/mozilla-central/raw-file/default/security/nss/lib/ckfw/builtins/certdata.txt
|
||||
# https://hg.mozilla.org/releases/mozilla-beta/raw-file/default/security/nss/lib/ckfw/builtins/certdata.txt
|
||||
# https://hg.mozilla.org/releases/mozilla-aurora/raw-file/default/security/nss/lib/ckfw/builtins/certdata.txt
|
||||
|
||||
|
||||
# Some data in the certs have UTF-8 characters
|
||||
# It doesn't really matter which locale, change if you like
|
||||
export LANG=en_US.utf8
|
||||
|
31
make-ca.conf.dist
Normal file
31
make-ca.conf.dist
Normal file
@ -0,0 +1,31 @@
|
||||
# Configuration file for make-ca
|
||||
|
||||
CERTDATA="certdata.txt"
|
||||
PKIDIR="/etc/pki"
|
||||
SSLDIR="/etc/ssl"
|
||||
CERTUTIL="/usr/bin/certutil"
|
||||
KEYTOOL="${JAVA_HOME}/bin/keytool"
|
||||
OPENSSL="/usr/bin/openssl"
|
||||
TRUST="/usr/bin/trust"
|
||||
ANCHORDIR="${PKIDIR}/anchors"
|
||||
BUNDLEDIR="${PKIDIR}/tls/certs"
|
||||
CABUNDLE="${BUNDLEDIR}/ca-bundle.crt"
|
||||
SMBUNDLE="${BUNDLEDIR}/email-ca-bundle.crt"
|
||||
CSBUNDLE="${BUNDLEDIR}/objsign-ca-bundle.crt"
|
||||
CERTDIR="${SSLDIR}/certs"
|
||||
KEYSTORE="${PKIDIR}/tls/java"
|
||||
NSSDB="${PKIDIR}/nssdb"
|
||||
LOCALDIR="${SSLDIR}/local"
|
||||
DESTDIR=""
|
||||
URL="https://hg.mozilla.org/releases/mozilla-release/raw-file/default/security/nss/lib/ckfw/builtins/certdata.txt"
|
||||
|
||||
# Source must be downloaded over https
|
||||
# Valid urls for download are below
|
||||
# Defualt to NSS release brach
|
||||
|
||||
# https://hg.mozilla.org/releases/mozilla-release/raw-file/default/security/nss/lib/ckfw/builtins/certdata.txt
|
||||
# https://hg.mozilla.org/projects/nss/raw-file/tip/lib/ckfw/builtins/certdata.txt
|
||||
# https://hg.mozilla.org/mozilla-central/raw-file/default/security/nss/lib/ckfw/builtins/certdata.txt
|
||||
# https://hg.mozilla.org/releases/mozilla-beta/raw-file/default/security/nss/lib/ckfw/builtins/certdata.txt
|
||||
# https://hg.mozilla.org/releases/mozilla-aurora/raw-file/default/security/nss/lib/ckfw/builtins/certdata.txt
|
||||
|
Loading…
Reference in New Issue
Block a user