linux下添加自签名根证书的脚本


#!/bin/sh

usage() {
    ex="${1:-0}"
    echo "Usage: $0 <host> [<port>]"
    echo "\n\tPort will be set to 443 by default"
    exit $ex
}

host="$1"
if [ -z $host ] ; then
    usage 1
fi
port="${2:-443}"
ssl=/usr/bin/openssl
cu=/usr/bin/certutil
tmp="$(tempfile)"

trap 'rm $tmp' 1 2 3 15

echo |
    openssl s_client -connect $host:$port 2>&1 |
    sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > $tmp
certutil -d sql:$HOME/.pki/nssdb -A -t CP,,C -n "$host" -i $tmp
rm $tmp


你可能感兴趣的:(linux下添加自签名根证书的脚本)