modules/cert.inc


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29

#!/bin/bash

# Convert .pem certificates from <src> to an sqlite
# nssdb at <dest>. The destination DB will be created
# if it does not exist, otherwise the certificates will
# be added to the existing nssdb.
# cert_to_db <src> <dst>
cert_to_nssdb() {
	local db="$2"
	local src="$1"
	if ! [ -f "$db/cert9.db" ] && ! [ -f "$db/key4.db" ]; then
		mkdir -p "$db" || return 1
		certutil -N --empty-password -d sql:"$db" || return 1
	fi
	if [ -f "$src" ]; then
		certutil -A -d sql:"$db" -n "$( basename "$src" )" -t C,C,C -i "$src"
		return # pass exit code
	fi
	if [ -d "$src" ]; then
		find "$src" \( -type f -o -type l \) -name "*.pem" | while read -r file; do
			file="$( readlink -f "$file" )"
			# Make sure there's nothing after this call so the exit code survives the loop end
			certutil -A -d sql:"$db" -n "$( basename "$file" )" -t C,C,C -i "$file"
		done
		return # pass exit code from within loop
	fi
	echo "Source is not a file or directory" >&2
	return 1
}