diff options
Diffstat (limited to 'src/gns/gnunet-gns-proxy-setup-ca')
-rw-r--r-- | src/gns/gnunet-gns-proxy-setup-ca | 33 |
1 files changed, 21 insertions, 12 deletions
diff --git a/src/gns/gnunet-gns-proxy-setup-ca b/src/gns/gnunet-gns-proxy-setup-ca index 5686e37f7..c2182d869 100644 --- a/src/gns/gnunet-gns-proxy-setup-ca +++ b/src/gns/gnunet-gns-proxy-setup-ca | |||
@@ -32,30 +32,39 @@ GNSCANO=`mktemp /tmp/gnscakeynoencXXXXXX.pem` | |||
32 | GNS_CA_CERT_PEM=`gnunet-config -s gns-proxy -o PROXY_CACERT -f $options` | 32 | GNS_CA_CERT_PEM=`gnunet-config -s gns-proxy -o PROXY_CACERT -f $options` |
33 | mkdir -p `dirname $GNS_CA_CERT_PEM` | 33 | mkdir -p `dirname $GNS_CA_CERT_PEM` |
34 | 34 | ||
35 | openssl req -new -x509 -days 3650 -extensions v3_ca -keyout $GNSCAKY -out $GNSCERT -subj "/C=ZZ/L=World/O=GNU/OU=GNUnet/CN=GNS CA/emailAddress=bounce@gnunet.org" -passout pass:"GNU Name System" | 35 | openssl req -new -x509 -days 3650 -extensions v3_ca -keyout $GNSCAKY -out $GNSCERT -subj "/C=ZZ/L=World/O=GNU/OU=GNUnet/CN=GNS Proxy CA/emailAddress=bounce@gnunet.org" -passout pass:"GNU Name System" |
36 | 36 | ||
37 | echo "Removing passphrase from key" | 37 | echo "Removing passphrase from key" |
38 | openssl rsa -passin pass:"GNU Name System" -in $GNSCAKY -out $GNSCANO | 38 | openssl rsa -passin pass:"GNU Name System" -in $GNSCAKY -out $GNSCANO |
39 | 39 | ||
40 | echo "Making private key available to gnunet-gns-proxy" | ||
40 | cat $GNSCERT $GNSCANO > $GNS_CA_CERT_PEM | 41 | cat $GNSCERT $GNSCANO > $GNS_CA_CERT_PEM |
41 | 42 | ||
42 | echo "Importing CA into browsers" | 43 | echo "Importing CA into browsers" |
43 | for f in ~/.mozilla/firefox/*.default | 44 | for f in ~/.mozilla/firefox/*.default/ |
44 | do | 45 | do |
45 | if [ -d $f ]; then | 46 | if [ -d $f ]; then |
46 | echo "Importing CA info Firefox $f" | 47 | echo "Importing CA info Firefox at $f/" |
47 | certutil -D -n "GNS Proxy CA" -d ~/.mozilla/firefox/*.default >/dev/null 2&>1 | 48 | # delete old certificate (if any) |
48 | certutil -A -n "GNS Proxy CA" -t CT,, -d ~/.mozilla/firefox/*.default < $GNSCERT | 49 | certutil -D -n "GNS Proxy CA" -d "$f" >/dev/null 2>/dev/null |
50 | # add new certificate | ||
51 | certutil -A -n "GNS Proxy CA" -t CT,, -d "$f" < $GNSCERT | ||
49 | fi | 52 | fi |
50 | done | 53 | done |
51 | 54 | ||
52 | if [ -d ~/.pki/nssdb ]; then | 55 | if [ -d ~/.pki/nssdb/ ]; then |
53 | echo "Importing CA into Chrome" | 56 | echo "Importing CA into Chrome at ~/.pki/nssdb/" |
54 | certutil -D -n "GNS Proxy CA" -d ~/.pki/nssdb >/dev/null 2&>1 | 57 | # delete old certificate (if any) |
55 | certutil -A -n "GNS Proxy CA" -t CT,, -d ~/.pki/nssdb < $GNSCERT | 58 | certutil -D -n "GNS Proxy CA" -d ~/.pki/nssdb/ >/dev/null 2>/dev/null |
59 | # add new certificate | ||
60 | certutil -A -n "GNS Proxy CA" -t CT,, -d ~/.pki/nssdb/ < $GNSCERT | ||
56 | fi | 61 | fi |
57 | 62 | ||
63 | echo "Cleaning up." | ||
64 | rm -f $GNSCAKY $GNSCANO $GNSCERT | ||
58 | 65 | ||
59 | rm $GNSCAKY $GNSCANO $GNSCERT | 66 | echo "===================================" |
60 | 67 | echo "You can now start gnunet-gns-proxy." | |
61 | echo "You can now start gnunet-gns-proxy and configure your browser to use a SOCKS proxy on port 7777" | 68 | echo "Afterwards, configure your browser " |
69 | echo " to use a SOCKS proxy on port 7777." | ||
70 | echo "===================================" | ||