diff options
| -rw-r--r-- | modules/cert.inc | 29 |
1 files changed, 29 insertions, 0 deletions
diff --git a/modules/cert.inc b/modules/cert.inc new file mode 100644 index 0000000..3b4a222 --- /dev/null +++ b/modules/cert.inc @@ -0,0 +1,29 @@ +#!/bin/bash + +# Convert .pem certificates from <src> to an sqlite +# nssdb at <dest>. The destination DB will be created +# if it does not exist, otherwise the certificates will +# be added to the existing nssdb. +# cert_to_db <src> <dst> +cert_to_nssdb() { + local db="$2" + local src="$1" + if ! [ -f "$db/cert9.db" ] && ! [ -f "$db/key4.db" ]; then + mkdir -p "$db" || return 1 + certutil -N --empty-password -d sql:"$db" || return 1 + fi + if [ -f "$src" ]; then + certutil -A -d sql:"$db" -n "$( basename "$src" )" -t C,C,C -i "$src" + return # pass exit code + fi + if [ -d "$src" ]; then + find "$src" \( -type f -o -type l \) -name "*.pem" | while read -r file; do + file="$( readlink -f "$file" )" + # Make sure there's nothing after this call so the exit code survives the loop end + certutil -A -d sql:"$db" -n "$( basename "$file" )" -t C,C,C -i "$file" + done + return # pass exit code from within loop + fi + echo "Source is not a file or directory" >&2 + return 1 +} |