diff --git a/CHANGELOG b/CHANGELOG index 73c41db..f9a3bcf 100644 --- a/CHANGELOG +++ b/CHANGELOG @@ -4,6 +4,7 @@ all bundles in same location - Perform system installation of update service files - Separate installation step for other consumers + - Install default configuration file 0.9 - Use P11-Kit trust module to generate alternate certificate stores from trust policy - Only generate the trust store (and optionally NSSDB and Java PKCS#12) diff --git a/Makefile b/Makefile index d1b4dc0..cb9908a 100644 --- a/Makefile +++ b/Makefile @@ -1,5 +1,6 @@ MANDIR=/usr/share/man SBINDIR=/usr/sbin +ETCDIR=/etc all: make_ca man @@ -19,10 +20,10 @@ clean_man: rm -f make-ca.8 chmod 0644 help2man -install: all install_bin install_man install_systemd +install: all install_bin install_man install_systemd install_conf install_bin: - /usr/bin/install -vdm755 $(DESTDIR)$(SBINDIR) + install -vdm755 $(DESTDIR)$(SBINDIR) install -vm755 make-ca $(DESTDIR)$(SBINDIR) install_systemd: @@ -35,9 +36,13 @@ install_systemd: fi install_man: - /usr/bin/install -vdm755 $(DESTDIR)$(MANDIR)/man8 + install -vdm755 $(DESTDIR)$(MANDIR)/man8 install -vm644 make-ca.8 $(DESTDIR)$(MANDIR)/man8 +install_conf: + install -vdm755 $(DESTDIR)$(ETCDIR) + install -vm644 make-ca.conf.dist $(DESTDIR)$(ETCDIR) + uninstall: rm -f $(DESTDIR)$(SBINDIR)/make-ca rm -f $(DESTDIR)$(MANDIR)/man8/make-ca.8 diff --git a/make-ca b/make-ca index b1d33b3..d312445 100644 --- a/make-ca +++ b/make-ca @@ -7,12 +7,14 @@ # # Authors: DJ Lucas # Bruce Dubbs +# Graham Weldon VERSION="1.0" +${MAKE_CA_CONF:="/etc/make-ca.conf"} # Get/set defaults -if test -f /etc/make-ca.conf; then - . /etc/make-ca.conf +if test -f "${MAKE_CA_CONF}"; then + . "${MAKE_CA_CONF}" else CERTDATA="certdata.txt" PKIDIR="/etc/pki" 
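Review bot: In `install_bin` the directory-creation line now calls bare `install` instead of `/usr/bin/install`, so the tool is resolved through the PATH of whoever runs `make install`, which is normally root. The same change is made to `install_man` in the following hunk, and the new `install_conf` recipe follows the same form. Routing all of these through one overridable variable keeps the lookup explicit and still lets packagers substitute their own tool: `INSTALL ?= /usr/bin/install` near the top, then `$(INSTALL) -vdm755 $(DESTDIR)$(SBINDIR)`.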
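Review bot: `install_conf` installs the file as `make-ca.conf.dist`, while the script in this same commit defaults to reading `/etc/make-ca.conf`, so nothing reads the installed file until an administrator copies it, and the recipe has no comment saying so. I would add above the target `# Installed as .dist so an existing make-ca.conf is never overwritten; copy it to make-ca.conf to activate`. Two related gaps: the script's default path is hard-coded to `/etc` while the Makefile lets `ETCDIR` be overridden, and the `uninstall` lines visible here do not remove the new file, though that recipe continues past the end of the hunk. If the Makefile declares `.PHONY`, which is not visible from this hunk, `install_conf` should be listed there too.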
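Review bot: The added line `${MAKE_CA_CONF:="/etc/make-ca.conf"}` stands alone as a command, so once the default is assigned the shell tries to execute the resulting path. That fails with an error when the file is missing or not executable, and runs it as a program when it is executable. Prefix it with the null command so only the assignment happens: `: "${MAKE_CA_CONF:=/etc/make-ca.conf}"`. Because the path is then sourced with `.`, whatever file `MAKE_CA_CONF` names runs as shell code with make-ca's privileges, so a comment should say the variable must come from a trusted environment and the file must be writable by root only. The `if`/`else` block that sets the defaults continues outside this hunk.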
@@ -34,17 +36,6 @@ else URL="https://hg.mozilla.org/releases/mozilla-release/raw-file/default/security/nss/lib/ckfw/builtins/certdata.txt" fi -# Source must be downloaded over https -# Valid urls for download are below -# Defualt to NSS release brach - -# https://hg.mozilla.org/releases/mozilla-release/raw-file/default/security/nss/lib/ckfw/builtins/certdata.txt -# https://hg.mozilla.org/projects/nss/raw-file/tip/lib/ckfw/builtins/certdata.txt -# https://hg.mozilla.org/mozilla-central/raw-file/default/security/nss/lib/ckfw/builtins/certdata.txt -# https://hg.mozilla.org/releases/mozilla-beta/raw-file/default/security/nss/lib/ckfw/builtins/certdata.txt -# https://hg.mozilla.org/releases/mozilla-aurora/raw-file/default/security/nss/lib/ckfw/builtins/certdata.txt - - # Some data in the certs have UTF-8 characters # It doesn't really matter which locale, change if you like export LANG=en_US.utf8 diff --git a/make-ca.conf.dist b/make-ca.conf.dist new file mode 100644 index 0000000..267037d --- /dev/null +++ b/make-ca.conf.dist 
@@ -0,0 +1,31 @@
+# Configuration file for make-ca
+
+CERTDATA="certdata.txt"
+PKIDIR="/etc/pki"
+SSLDIR="/etc/ssl"
+CERTUTIL="/usr/bin/certutil"
+KEYTOOL="${JAVA_HOME}/bin/keytool"
+OPENSSL="/usr/bin/openssl"
+TRUST="/usr/bin/trust"
+ANCHORDIR="${PKIDIR}/anchors"
+BUNDLEDIR="${PKIDIR}/tls/certs"
+CABUNDLE="${BUNDLEDIR}/ca-bundle.crt"
+SMBUNDLE="${BUNDLEDIR}/email-ca-bundle.crt"
+CSBUNDLE="${BUNDLEDIR}/objsign-ca-bundle.crt"
+CERTDIR="${SSLDIR}/certs"
+KEYSTORE="${PKIDIR}/tls/java"
+NSSDB="${PKIDIR}/nssdb"
+LOCALDIR="${SSLDIR}/local"
+DESTDIR=""
+URL="https://hg.mozilla.org/releases/mozilla-release/raw-file/default/security/nss/lib/ckfw/builtins/certdata.txt"
+
+# Source must be downloaded over https
+# Valid urls for download are below
+# Defualt to NSS release brach
+
+# https://hg.mozilla.org/releases/mozilla-release/raw-file/default/security/nss/lib/ckfw/builtins/certdata.txt
+# https://hg.mozilla.org/projects/nss/raw-file/tip/lib/ckfw/builtins/certdata.txt
+# https://hg.mozilla.org/mozilla-central/raw-file/default/security/nss/lib/ckfw/builtins/certdata.txt
+# https://hg.mozilla.org/releases/mozilla-beta/raw-file/default/security/nss/lib/ckfw/builtins/certdata.txt
+# https://hg.mozilla.org/releases/mozilla-aurora/raw-file/default/security/nss/lib/ckfw/builtins/certdata.txt
+
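Review bot: The file's only header is `# Configuration file for make-ca`, which does not say that make-ca sources it as shell code, nor that the script's built-in defaults in its `else` branch are skipped once a config file is present, so a trimmed copy leaves variables unset. A header such as `# Sourced by make-ca as shell code; keep every variable below defined, and keep this file writable by root only` would cover both. `KEYTOOL="${JAVA_HOME}/bin/keytool"` expands to `/bin/keytool` when `JAVA_HOME` is unset at the time the file is sourced, which deserves a comment next to it. The carried-over line `# Defualt to NSS release brach` should read `# Default to NSS release branch`.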