mirror of
https://github.com/servo/servo.git
synced 2025-08-03 04:30:10 +01:00
Alternative CA database generator
This commit is contained in:
Jan Andre Ikenmeyer
parent
7c65505df3
commit
b9ac97051f
1 changed files with 26 additions and 0 deletions
26
etc/cert_generator.sh
Executable file
26
etc/cert_generator.sh
Executable file
|
|
@ -0,0 +1,26 @@
|
|||
#!/usr/bin/env bash
|
||||
|
||||
# This Source Code Form is subject to the terms of the Mozilla Public
|
||||
# License, v. 2.0. If a copy of the MPL was not distributed with this
|
||||
# file, You can obtain one at https://mozilla.org/MPL/2.0/.
|
||||
|
||||
set -o errexit
|
||||
set -o nounset
|
||||
set -o pipefail
|
||||
|
||||
# https://wiki.mozilla.org/CA/Included_Certificates
|
||||
# 1. Mozilla's official CA database CSV file is downloaded with curl
|
||||
# and processed with awk.
|
||||
# 2. Rows end with `"\n`.
|
||||
# 3. Each row is split by ^" and "," into columns.
|
||||
# 4. Single and double quotes are removed from column 30.
|
||||
# 5. If column 13 (12 in the csv file) contains `Websites`
|
||||
# (some are Email-only), column 30 is printed, the raw certificate.
|
||||
# 6. All CA certs trusted for Websites are stored into the `certs` file.
|
||||
|
||||
domain="ccadb-public.secure.force.com";
|
||||
curl "https://${domain}/mozilla/IncludedCACertificateReportPEMCSV" -sSf | \
|
||||
gawk -v RS="\"\n" -F'","|^"' \
|
||||
'{gsub("\047","",$(30));gsub("\"","",$(30));if($(13)~/Websites/)print $(30)}' \
|
||||
> certs
|
||||
|
||||
Loading…
Add table
Add a link
Reference in a new issue