certificate setup for openSUSE

gpproton · Jul 16, 2023 · 3bf01a9 · 3bf01a9
1 parent 9de60b4
commit 3bf01a9
Show file tree

Hide file tree

Showing 2 changed files with 27 additions and 13 deletions.
diff --git a/certificate/setup.sh b/certificate/setup.sh
@@ -6,28 +6,42 @@ function setup_certificate() {
     certificate_config="certificate/localhost.conf"
 
     if [[ -d $HOME/certificate ]]; then
-        echo "$(dirname $0)/$certificate_config"
+        rm -rf $certificate_root/*
         cp "$(dirname $0)/$certificate_config" $HOME/$certificate_config
 
         if [[ -f $HOME/$certificate_config ]]; then
             echo "generating certificate keys"
-            openssl req -x509 -nodes -days 365 -newkey rsa:2048 \
+            openssl req -x509 -nodes -days 3650 -newkey rsa:2048 \
                 -keyout $certificate_root/localhost.key \
                 -out $certificate_root/localhost.crt \
                 -config $certificate_root/localhost.conf
+            echo "converting crt file to pem"
+            openssl x509 -inform pem -in $certificate_root/localhost.crt -out $certificate_root/localhost.pem
         fi
 
-        if [[ $os_variant == "openSUSE" ]]; then
-            echo "apply private key for $os_variant"
-            sudo cp $certificate_root/localhost.crt /usr/share/pki/trust/anchors
-            sudo update-ca-certificates
-        fi
+        if [[ $os_type -eq "linux" ]]; then
+            if [[ $os_variant -eq "opensuse" ]]; then
+                echo "apply private key for $os_variant"
+                ## posible cert locations
+                # 0: /usr/share/pki/trust/anchors
+                # 1: /etc/pki/trust/anchors
+                sudo cp $certificate_root/localhost.crt /etc/pki/trust/anchors
+                sudo update-ca-certificates
+            fi
 
-        if [[ -f $certificate_root/localhost.crt ]]; then
-            echo verifing generated certificate..
-            openssl verify $certificate_root/localhost.crt
-        fi
+            if [[ -f $certificate_root/localhost.crt ]]; then
+                echo "======================================"
+                echo "verifing generated certificate.."
+                openssl verify -CAfile $certificate_root/localhost.pem $certificate_root/localhost.crt
 
+                echo "genrtate combined certificate file"
+                rm -rf $HOME/localhost.pfx
+                openssl pkcs12 -export \
+                    -passout 'pass:' \
+                    -out $HOME/localhost.pfx \
+                    -inkey $certificate_root/localhost.key \
+                    -in $certificate_root/localhost.crt
+            fi
+        fi
     fi
-
 }
diff --git a/setup.sh b/setup.sh
@@ -57,7 +57,7 @@ case $1 in
 "docker")
     echo "Starting docker setup..."
     ;;
-"certificate")
+"cert")
     echo "Starting self signed certificate setup..."
     certificate="$(dirname $0)/certificate/setup.sh"
     if [ -f $certificate ]; then source $certificate && setup_certificate; fi