Merge pull request #3 from knusbaum/master
make-ca: Allow generation of certs in DESTDIR.
This commit is contained in:
commit
aa68b77848
38
make-ca
38
make-ca
@ -818,32 +818,30 @@ popd
|
|||||||
rm -rf "${TEMPDIR}"
|
rm -rf "${TEMPDIR}"
|
||||||
|
|
||||||
# Build ANCHORLIST
|
# Build ANCHORLIST
|
||||||
"${MD5SUM}" "${ANCHORDIR}"/*.pem > "${ANCHORLIST}"
|
"${MD5SUM}" "${DESTDIR}${ANCHORDIR}"/*.pem > "${DESTDIR}${ANCHORLIST}"
|
||||||
|
|
||||||
# Build alternate formats using p11-kit trust (if not using DESTDIR)
|
# Build alternate formats using p11-kit trust
|
||||||
if test "x${DESTDIR}" == "x"; then
|
mkdir -p "${DESTDIR}${BUNDLEDIR}" "${DESTDIR}${KEYSTORE}"
|
||||||
mkdir -p "${BUNDLEDIR}" "${KEYSTORE}"
|
echo -n "Extracting OpenSSL certificates to ${DESTDIR}${CERTDIR}..."
|
||||||
echo -n "Extracting OpenSSL certificates to ${CERTDIR}..."
|
"${TRUST}" extract --filter=certificates --format=openssl-directory \
|
||||||
"${TRUST}" extract --filter=certificates --format=openssl-directory \
|
--overwrite --comment "${DESTDIR}${CERTDIR}" \
|
||||||
--overwrite --comment "${CERTDIR}" \
|
|
||||||
&& echo "Done!" || echo "Failed!!!"
|
&& echo "Done!" || echo "Failed!!!"
|
||||||
echo -n "Extracting GNUTLS server auth certificates to ${CABUNDLE}..."
|
echo -n "Extracting GNUTLS server auth certificates to ${DESTDIR}${CABUNDLE}..."
|
||||||
"${TRUST}" extract --filter=ca-anchors --format=pem-bundle \
|
"${TRUST}" extract --filter=ca-anchors --format=pem-bundle \
|
||||||
--purpose server-auth --overwrite --comment "${CABUNDLE}" \
|
--purpose server-auth --overwrite --comment "${DESTDIR}${CABUNDLE}" \
|
||||||
&& echo "Done!" || echo "Failed!!!"
|
&& echo "Done!" || echo "Failed!!!"
|
||||||
echo -n "Extracting GNUTLS S-Mime certificates to ${SMBUNDLE}..."
|
echo -n "Extracting GNUTLS S-Mime certificates to ${DESTDIR}${SMBUNDLE}..."
|
||||||
"${TRUST}" extract --filter=ca-anchors --format=pem-bundle \
|
"${TRUST}" extract --filter=ca-anchors --format=pem-bundle \
|
||||||
--purpose email --overwrite --comment "${SMBUNDLE}" \
|
--purpose email --overwrite --comment "${DESTDIR}${SMBUNDLE}" \
|
||||||
&& echo "Done!" || echo "Failed!!!"
|
&& echo "Done!" || echo "Failed!!!"
|
||||||
echo -n "Extracting GNUTLS code signing certificates to ${CSBUNDLE}..."
|
echo -n "Extracting GNUTLS code signing certificates to ${DESTDIR}${CSBUNDLE}..."
|
||||||
"${TRUST}" extract --filter=ca-anchors --format=pem-bundle \
|
"${TRUST}" extract --filter=ca-anchors --format=pem-bundle \
|
||||||
--purpose code-signing --overwrite --comment \
|
--purpose code-signing --overwrite --comment \
|
||||||
"${CSBUNDLE}" && echo "Done!" || echo "Failed!!!"
|
"${DESTDIR}${CSBUNDLE}" && echo "Done!" || echo "Failed!!!"
|
||||||
echo -n "Extracting Java cacerts (JKS) to ${KEYSTORE}/cacerts..."
|
echo -n "Extracting Java cacerts (JKS) to ${DESTDIR}${KEYSTORE}/cacerts..."
|
||||||
"${TRUST}" extract --filter=ca-anchors --format=java-cacerts \
|
"${TRUST}" extract --filter=ca-anchors --format=java-cacerts \
|
||||||
--purpose server-auth --overwrite \
|
--purpose server-auth --overwrite \
|
||||||
--comment "${KEYSTORE}/cacerts" \
|
--comment "${DESTDIR}${KEYSTORE}/cacerts" \
|
||||||
&& echo "Done!" || echo "Failed!!!"
|
&& echo "Done!" || echo "Failed!!!"
|
||||||
fi
|
|
||||||
|
|
||||||
# End /usr/sbin/make-ca
|
# End /usr/sbin/make-ca
|
||||||
|
Loading…
Reference in New Issue
Block a user