Allow definition of configuratino file and install default configuration file.

CHANGELOG

@@ -4,6 +4,7 @@
            all bundles in same location
          - Perform system installation of update service files
          - Separate installation step for other consumers
+         - Install default configuration file
 0.9      - Use P11-Kit trust module to generate alternate certificate stores
            from trust policy
          - Only generate the trust store (and optionally NSSDB and Java PKCS#12)

Makefile

@@ -1,5 +1,6 @@
 MANDIR=/usr/share/man
 SBINDIR=/usr/sbin
+ETCDIR=/etc
 
 all: make_ca man
 
@@ -19,10 +20,10 @@ clean_man:
 	rm -f make-ca.8
 	chmod 0644 help2man
 
-install: all install_bin install_man install_systemd
+install: all install_bin install_man install_systemd install_conf
 
 install_bin:
-	/usr/bin/install -vdm755 $(DESTDIR)$(SBINDIR)
+	install -vdm755 $(DESTDIR)$(SBINDIR)
 	install -vm755 make-ca $(DESTDIR)$(SBINDIR)
 
 install_systemd:
@@ -35,9 +36,13 @@ install_systemd:
 	fi
 
 install_man:
-	/usr/bin/install -vdm755 $(DESTDIR)$(MANDIR)/man8
+	install -vdm755 $(DESTDIR)$(MANDIR)/man8
 	install -vm644 make-ca.8 $(DESTDIR)$(MANDIR)/man8
 
+install_conf:
+	install -vdm755 $(DESTDIR)$(ETCDIR)
+	install -vm644 make-ca.conf.dist $(DESTDIR)$(ETCDIR)
+
 uninstall:
 	rm -f $(DESTDIR)$(SBINDIR)/make-ca
 	rm -f $(DESTDIR)$(MANDIR)/man8/make-ca.8

make-ca

@@ -7,12 +7,14 @@
 # 
 # Authors: DJ Lucas
 #          Bruce Dubbs
+#          Graham Weldon
 
 VERSION="1.0"
+${MAKE_CA_CONF:="/etc/make-ca.conf"}
 
 # Get/set defaults
-if test -f /etc/make-ca.conf; then
-    . /etc/make-ca.conf
+if test -f "${MAKE_CA_CONF}"; then
+    . "${MAKE_CA_CONF}"
 else
     CERTDATA="certdata.txt"
     PKIDIR="/etc/pki"
@@ -34,17 +36,6 @@ else
     URL="https://hg.mozilla.org/releases/mozilla-release/raw-file/default/security/nss/lib/ckfw/builtins/certdata.txt"
 fi
 
-# Source must be downloaded over https
-# Valid urls for download are below
-# Defualt to NSS release brach
-
-# https://hg.mozilla.org/releases/mozilla-release/raw-file/default/security/nss/lib/ckfw/builtins/certdata.txt
-# https://hg.mozilla.org/projects/nss/raw-file/tip/lib/ckfw/builtins/certdata.txt
-# https://hg.mozilla.org/mozilla-central/raw-file/default/security/nss/lib/ckfw/builtins/certdata.txt
-# https://hg.mozilla.org/releases/mozilla-beta/raw-file/default/security/nss/lib/ckfw/builtins/certdata.txt
-# https://hg.mozilla.org/releases/mozilla-aurora/raw-file/default/security/nss/lib/ckfw/builtins/certdata.txt
-
-
 # Some data in the certs have UTF-8 characters
 # It doesn't really matter which locale, change if you like
 export LANG=en_US.utf8

make-ca.conf.dist

@@ -0,0 +1,31 @@
+# Configuration file for make-ca
+
+CERTDATA="certdata.txt"
+PKIDIR="/etc/pki"
+SSLDIR="/etc/ssl"
+CERTUTIL="/usr/bin/certutil"
+KEYTOOL="${JAVA_HOME}/bin/keytool"
+OPENSSL="/usr/bin/openssl"
+TRUST="/usr/bin/trust"
+ANCHORDIR="${PKIDIR}/anchors"
+BUNDLEDIR="${PKIDIR}/tls/certs"
+CABUNDLE="${BUNDLEDIR}/ca-bundle.crt"
+SMBUNDLE="${BUNDLEDIR}/email-ca-bundle.crt"
+CSBUNDLE="${BUNDLEDIR}/objsign-ca-bundle.crt"
+CERTDIR="${SSLDIR}/certs"
+KEYSTORE="${PKIDIR}/tls/java"
+NSSDB="${PKIDIR}/nssdb"
+LOCALDIR="${SSLDIR}/local"
+DESTDIR=""
+URL="https://hg.mozilla.org/releases/mozilla-release/raw-file/default/security/nss/lib/ckfw/builtins/certdata.txt"
+
+# Source must be downloaded over https
+# Valid urls for download are below
+# Defualt to NSS release brach
+
+# https://hg.mozilla.org/releases/mozilla-release/raw-file/default/security/nss/lib/ckfw/builtins/certdata.txt
+# https://hg.mozilla.org/projects/nss/raw-file/tip/lib/ckfw/builtins/certdata.txt
+# https://hg.mozilla.org/mozilla-central/raw-file/default/security/nss/lib/ckfw/builtins/certdata.txt
+# https://hg.mozilla.org/releases/mozilla-beta/raw-file/default/security/nss/lib/ckfw/builtins/certdata.txt
+# https://hg.mozilla.org/releases/mozilla-aurora/raw-file/default/security/nss/lib/ckfw/builtins/certdata.txt
+