diff options
author | Philipp Kern <pkern@debian.org> | 2008-03-19 14:32:06 +0100 |
---|---|---|
committer | Philipp Kern <pkern@debian.org> | 2008-03-19 14:32:06 +0100 |
commit | ec9311ac6b70963e9a1feb14341c07fbbea377a2 (patch) | |
tree | 8cf184b091a970984cd7f29c15ef6cbc38774d9b /sbin | |
download | ca-certificates-ec9311ac6b70963e9a1feb14341c07fbbea377a2.tar.gz |
Imported Debian version 20050518debian/20050518
Diffstat (limited to 'sbin')
-rw-r--r-- | sbin/Makefile | 11 | ||||
-rw-r--r-- | sbin/update-ca-certificates | 74 | ||||
-rw-r--r-- | sbin/update-ca-certificates.8 | 63 |
3 files changed, 148 insertions, 0 deletions
diff --git a/sbin/Makefile b/sbin/Makefile new file mode 100644 index 0000000..a9658e7 --- /dev/null +++ b/sbin/Makefile @@ -0,0 +1,11 @@ +# +# Makefile +# +# + +all: + +clean: + +install: + install -m755 update-ca-certificates $(DESTDIR)/usr/sbin/ diff --git a/sbin/update-ca-certificates b/sbin/update-ca-certificates new file mode 100644 index 0000000..5c349e2 --- /dev/null +++ b/sbin/update-ca-certificates @@ -0,0 +1,74 @@ +#!/bin/sh -e +# +# update-ca-certificates +# +# Copyright (c) 2003 Fumitoshi UKAI <ukai@debian.or.jp> +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA +# + +verbose=0 +fresh=0 +while [ $# -gt 0 ]; +do + case $1 in + --verbose|-v) + verbose=1;; + --fresh|-f) + fresh=1;; + --help|-h|*) + echo "$0: [--verbose] [--fresh]" + exit;; + esac + shift +done + +CERTSCONF=/etc/ca-certificates.conf +CERTSDIR=/usr/share/ca-certificates +CERTBUNDLE=ca-certificates.crt +cd /etc/ssl/certs +if [ "$fresh" = 1 ]; then + echo -n "Clearing symlinks in /etc/ssl/certs..." + find . -type l -print0 | xargs -0 rm -f + echo "done." +fi +echo -n "Updating certificates in /etc/ssl/certs...." + +bundletmp=`mktemp "${CERTBUNDLE}.tmp.XXXXXX"` +sed -ne 's/^!//p' $CERTSCONF | while read crt +do + if test "$crt" = ""; then continue; fi + pem=$(basename "$crt" .crt).pem + if test -e "$pem"; then rm -f "$pem"; fi +done + +sed -e '/^#/d' -e '/^!/d' $CERTSCONF | while read crt +do + if test "$crt" = ""; then continue; fi + if ! test -f "$CERTSDIR/$crt"; then continue; fi + pem=$(basename "$crt" .crt).pem + ln -sf "$CERTSDIR/$crt" "$pem" + cat "$CERTSDIR/$crt" >> "$bundletmp" +done +chmod 0644 "$bundletmp" +mv -f "$bundletmp" "$CERTBUNDLE" + +if [ "$verbose" = 0 ]; then + c_rehash . > /dev/null 2>&1 +else + c_rehash . +fi +echo "done." + diff --git a/sbin/update-ca-certificates.8 b/sbin/update-ca-certificates.8 new file mode 100644 index 0000000..38d0386 --- /dev/null +++ b/sbin/update-ca-certificates.8 @@ -0,0 +1,63 @@ +.\" Hey, EMACS: -*- nroff -*- +.\" First parameter, NAME, should be all caps +.\" Second parameter, SECTION, should be 1-8, maybe w/ subsection +.\" other parameters are allowed: see man(7), man(1) +.TH UPDATE-CA-CERTIFICATES 8 "20 April 2003" +.\" Please adjust this date whenever revising the manpage. +.\" +.\" Some roff macros, for reference: +.\" .nh disable hyphenation +.\" .hy enable hyphenation +.\" .ad l left justify +.\" .ad b justify to both left and right margins +.\" .nf disable filling +.\" .fi enable filling +.\" .br insert line break +.\" .sp <n> insert n+1 empty lines +.\" for manpage-specific macros, see man(7) +.SH NAME +update-ca-certificates \- update /etc/ssl/certs and certificates.crt +.SH SYNOPSIS +.B update-ca-certificates +.RI [ options ] +.SH DESCRIPTION +This manual page documents briefly the +.B update-ca-certificates +commands. +This manual page was written for the Debian distribution. +.PP +\fBupdate-ca-certificates\fP is a program that updates /etc/ssl/certs +directory to hold SSL certificates and generates certificates.crt that is +single-file version of CA certificates. +.PP +It reads /etc/ca-certificates.conf file. Each lines list pathname of +activated CA certificates under /usr/share/ca-certificates. +Lines that begin with "#" is comment line. +Lines that begin with "!" is deselect, deactivation of the CA certificates. +.SH OPTIONS +A summary of options is included below. +.TP +.B \-h, \-\-help +Show summary of options. +.TP +.B \-v, \-\-verbose +Be verbose. Output \fBc_rehash\fP. +.TP +.B \-f, \-\-fresh +Fresh updates. Remove symlinks in /etc/ssl/certs directory. +.SH FILES +.TP +.I /etc/ca-certificates.conf +A configuration file. +.TP +.I /etc/ssl/certs/ca-certificates.crt +A single-file version of CA certificates. This hold +all CA certificates that you activated in /etc/ca-certificates.conf. +.TP +.I /usr/share/ca-certificates +Directory of CA certificates. +.SH SEE ALSO +.BR c_rehash (1), +.SH AUTHOR +This manual page was written by Fumitoshi UKAI <ukai@debian.or.jp>, +for the Debian project (but may be used by others). |