|
|
@@ -17,21 +17,41 @@ path_ssl="/etc/ssl/certs";
|
|
17
|
17
|
|
|
18
|
18
|
function addCerts(){
|
|
19
|
19
|
for ((ix = 0; ix != ${#cert_gov[@]}; ix++)); do
|
|
20
|
|
- if sudo wget -c -t 1 --inet4-only -c -O $path_script/${cert_gov[$ix]} $url_gov/${cert_gov[$ix]}; then
|
|
21
|
|
- echo "сертификат скачан успешно!";
|
|
|
20
|
+ if wget -c -t 1 --inet4-only -c -O $path_script/${cert_gov[$ix]} $url_gov/${cert_gov[$ix]}; then
|
|
|
21
|
+ echo "сертификат скачан успешно!";
|
|
22
|
22
|
else
|
|
23
|
|
- echo "ошибка - сертификат не скачан!..";
|
|
24
|
|
- exit
|
|
|
23
|
+ echo "ошибка - сертификат не скачан!..";
|
|
|
24
|
+ exit
|
|
|
25
|
+ fi
|
|
|
26
|
+ if [ "$( echo -e ${cert_gov[$ix]}|wc -m)" != "0" ]; then
|
|
|
27
|
+ cert_name=$(echo -e ${cert_gov[$ix]}|sed 's/\_pem.crt//g');
|
|
|
28
|
+ sudo openssl x509 -in $path_script/${cert_gov[$ix]} -out $path_ssl/$cert_name.pem -outform PEM;
|
|
|
29
|
+ cd $path_ssl;
|
|
|
30
|
+ sudo ln -sf $cert_name.pem $(sudo openssl x509 -in $cert_name.pem -noout -hash).0
|
|
|
31
|
+ sudo chmod 600 $path_ssl/$cert_name.pem;
|
|
|
32
|
+ sudo chown root:root $path_ssl/$cert_name.pem;
|
|
|
33
|
+ cd $path_script;
|
|
|
34
|
+ fi
|
|
|
35
|
+ # для пользователя
|
|
|
36
|
+ eval cert8_db="(" $(find $HOME -type f -name cert8.db -printf '%p%f\n') ")";
|
|
|
37
|
+ eval cert9_db="(" $(find $HOME -type f -name cert9.db -printf '%p%f\n') ")";
|
|
|
38
|
+#
|
|
|
39
|
+ if [ "$(echo -e ${#cert8_db[@]})" != "0" ]; then
|
|
|
40
|
+ for ((i_dm = 0; i_dm != ${#cert8_db[@]}; i_dm++)); do
|
|
|
41
|
+ certdir=$(dirname ${cert8_db[$i_dm]});
|
|
|
42
|
+ sudo certutil -A -n "$(echo -e ${cert_gov[$ix]}|sed 's/\_pem.crt//g')" -t "TCu,Cu,Tu" -i $path_script/${cert_gov[$ix]} -d dbm:$certdir;
|
|
|
43
|
+ done
|
|
|
44
|
+ fi
|
|
|
45
|
+ if [ "$(echo -e ${#cert9_db[@]})" != "0" ]; then
|
|
|
46
|
+ for ((i_dm = 0; i_dm != ${#cert9_db[@]}; i_dm++)); do
|
|
|
47
|
+ certdir=$(dirname ${cert9_db[$i_dm]});
|
|
|
48
|
+ sudo certutil -A -n "$(echo -e ${cert_gov[$ix]}|sed 's/\_pem.crt//g')" -t "TCu,Cu,Tu" -i $path_script/${cert_gov[$ix]} -d sql:$certdir
|
|
|
49
|
+ done
|
|
25
|
50
|
fi
|
|
26
|
|
- sudo openssl x509 -in $path_script/${cert_gov[$ix]} -out $path_ssl/$(echo -e ${cert_gov[$ix]}|sed 's/\_pem.crt//g').pem -outform PEM;
|
|
27
|
|
- sudo chmod 600 $path_ssl/$(echo -e ${cert_gov[$ix]}|sed 's/\_pem.crt//g').pem;
|
|
28
|
|
- sudo chown root:root $path_ssl/$(echo -e ${cert_gov[$ix]}|sed 's/\_pem.crt//g').pem;
|
|
29
|
|
- cd $path_ssl;
|
|
30
|
|
- sudo ln -sf $(echo -e ${cert_gov[$ix]}|sed 's/\_pem.crt//g').pem `openssl x509 -noout -hash < $(echo -e ${cert_gov[$ix]}|sed 's/\_pem.crt//g').pem`.0
|
|
31
|
|
- cd $HOME;
|
|
32
|
51
|
done
|
|
33
|
52
|
sudo update-ca-certificates;
|
|
34
|
53
|
sudo update-ca-certificates --fresh;
|
|
|
54
|
+#
|
|
35
|
55
|
}
|
|
36
|
56
|
|
|
37
|
57
|
addCerts;
|
