Add specific Debian use case in install script

This commit is contained in:
Alexandre CATTEAU 2022-12-26 19:37:27 +01:00
parent deed92b6e2
commit f08edbcc2a
2 changed files with 11 additions and 0 deletions

View File

@ -6,3 +6,11 @@ This repository contains a small setup to automate the delivery of our root cert
* `kto.crt` is our current only root certificate * `kto.crt` is our current only root certificate
#### Installation #### Installation
* `install.sh` copies the certificates to the right location and then reloads the system's certificates * `install.sh` copies the certificates to the right location and then reloads the system's certificates
### Firefox
* On Mint, had to use the following so that Firefox uses system CAs:
```
sudo mv /usr/lib/firefox/libnssckbi.so /usr/lib/firefox/libnssckbi.so.bak
sudo ln -s /usr/lib/x86_64-linux-gnu/pkcs11/p11-kit-trust.so /usr/lib/firefox/libnssckbi.so
```
* Stil unclear: Will this be overwritten at Firefox update?

View File

@ -20,6 +20,9 @@ if command -v update-ca-trust > /dev/null; then
elif command -v update-ca-certificates > /dev/null; then elif command -v update-ca-certificates > /dev/null; then
$sudo cp $run_directory/*.crt /usr/local/share/ca-certificates/ $sudo cp $run_directory/*.crt /usr/local/share/ca-certificates/
$sudo update-ca-certificates $sudo update-ca-certificates
elif [ -f /usr/sbin/update-ca-certificates ]; then # Debian...
$sudo cp $run_directory/*.crt /usr/local/share/ca-certificates/
$sudo update-ca-certificates
else else
echo "No update-ca binary found. Exiting with error!" echo "No update-ca binary found. Exiting with error!"
exit 1 exit 1