make-ca: Fix output of NSSDB and Java PCKS#12 stores.

This commit is contained in:
DJ Lucas 2021-08-05 01:13:05 -05:00
parent d857f7c530
commit 2284b419ed
2 changed files with 5 additions and 7 deletions

View File

@ -8,6 +8,7 @@
and generate a trusted certificate for use in LOCALDIR and generate a trusted certificate for use in LOCALDIR
- Add nss-{server,email}-distrust-after values in anchors - Add nss-{server,email}-distrust-after values in anchors
- Use --filter=certificates for all stores - Use --filter=certificates for all stores
- Fix output of NSSDB and Java PCKS#12 stores
1.7 - Revert help2man update (requires complete perl environment) 1.7 - Revert help2man update (requires complete perl environment)
1.6 - Fix install target for make -j# 1.6 - Fix install target for make -j#
- Add detailed dependency info and add note about configuration file - Add detailed dependency info and add note about configuration file

11
make-ca
View File

@ -536,7 +536,7 @@ function write_nss_db() {
"${CERTUTIL}" -d "sql:${1}" -A \ "${CERTUTIL}" -d "sql:${1}" -A \
-t "${satrust},${smtrust},${cstrust}" \ -t "${satrust},${smtrust},${cstrust}" \
-n "${p11label}" -i "${2}" -n "${p11label}" -i "${2}" > /dev/null 2>&1
echo "Added to NSS shared DB with trust '${satrust},${smtrust},${cstrust}'." echo "Added to NSS shared DB with trust '${satrust},${smtrust},${cstrust}'."
} }
@ -571,10 +571,8 @@ function write_java_p12() {
"${KEYTOOL}" -importcert -file "${2}" -storetype PKCS12 \ "${KEYTOOL}" -importcert -file "${2}" -storetype PKCS12 \
-noprompt -alias "${p11label}" -storepass 'changeit' \ -noprompt -alias "${p11label}" -storepass 'changeit' \
-keystore "${1}" $EKUVAL \ -keystore "${1}" $EKUVAL \
> /dev/null 2>&1 | \ > /dev/null 2>&1
sed -e "s@Certificate was a@A@" \ echo "Added to Java cacerts (PKCS#12) with trust '${satrust},${smtrust},${cstrust}'."
-e 's@keystore@Java cacerts (PKCS#12) with trust '${satrust},${smtrust},${cstrust}'.@' \
| sed 's@p@@'
unset EKU unset EKU
unset EKUVAL unset EKUVAL
fi fi
@ -590,7 +588,6 @@ mkdir -p "${TEMPDIR}"/{certs,pki/anchors,work}
if test "${WITH_P12}" -eq "1"; then if test "${WITH_P12}" -eq "1"; then
test ! -x "${KEYTOOL}" && \ test ! -x "${KEYTOOL}" && \
echo "Java keytool not found at ${KEYTOOL}. Exiting..." && exit 1 echo "Java keytool not found at ${KEYTOOL}. Exiting..." && exit 1
else
mkdir -p "${TEMPDIR}/ssl/java" mkdir -p "${TEMPDIR}/ssl/java"
fi fi
@ -766,7 +763,7 @@ fi
if test "${WITH_P12}" == "1"; then if test "${WITH_P12}" == "1"; then
test -f "${DESTDIR}${KEYSTORE}/cacerts.p12" && test -f "${DESTDIR}${KEYSTORE}/cacerts.p12" &&
rm -f "${DESTDIR}${KEYSTORE}/cacerts.p12" rm -f "${DESTDIR}${KEYSTORE}/cacerts.p12"
install -dm644 "${TEMPDIR}/ssl/java/cacerts.p12" \ install -vm644 "${TEMPDIR}/ssl/java/cacerts.p12" \
"${DESTDIR}${KEYSTORE}/cacerts.p12" "${DESTDIR}${KEYSTORE}/cacerts.p12"
fi fi