rpms / ca-certificates

Clone
Source Code
GIT

Blame SOURCES/update-ca-trust

c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-beta c8 c8-beta c8s c9 c9-beta
  1.   77503bdf63848bd6458c7eda6afe240e42db0669
  2.   SOURCES
  3.   update-ca-trust
Blob History Raw
77503b 
#!/bin/sh
77503b
77503b 
#set -vx
77503b
77503b 
# At this time, while this script is trivial, we ignore any parameters given.
77503b 
# However, for backwards compatibility reasons, future versions of this script must
77503b 
# support the syntax "update-ca-trust extract" trigger the generation of output
77503b 
# files in $DEST.
77503b
77503b 
DEST=/etc/pki/ca-trust/extracted
77503b
77503b 
# Prevent p11-kit from reading user configuration files.
77503b 
export P11_KIT_NO_USER_CONFIG=1
77503b
77503b 
# OpenSSL PEM bundle that includes trust flags
77503b 
# (BEGIN TRUSTED CERTIFICATE)
77503b 
/usr/bin/p11-kit extract --format=openssl-bundle --filter=certificates --overwrite --comment $DEST/openssl/ca-bundle.trust.crt
77503b 
/usr/bin/p11-kit extract --format=pem-bundle --filter=ca-anchors --overwrite --comment --purpose server-auth $DEST/pem/tls-ca-bundle.pem
77503b 
/usr/bin/p11-kit extract --format=pem-bundle --filter=ca-anchors --overwrite --comment --purpose email $DEST/pem/email-ca-bundle.pem
77503b 
/usr/bin/p11-kit extract --format=pem-bundle --filter=ca-anchors --overwrite --comment --purpose code-signing $DEST/pem/objsign-ca-bundle.pem
77503b 
/usr/bin/p11-kit extract --format=java-cacerts --filter=ca-anchors --overwrite --purpose server-auth $DEST/java/cacerts
77503b 
/usr/bin/p11-kit extract --format=edk2-cacerts --filter=ca-anchors --overwrite --purpose=server-auth $DEST/edk2/cacerts.bin

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation