1
2
3
4
5
6
7
8
|
1
2
3
4
5
6
7
8
9
10
|
+
+
-
+
|
all: certs USG-federal-bundle.pem
all: cert-1.crt CPCA_TRCA.crt CommonPolicy.crt
certs: cert-1.crt CPCA_TRCA.crt CommonPolicy.crt
grep -l 'Issuer: C=US, O=U.S. Government, OU=FPKI, CN=Federal Bridge CA' *.crt | xargs rm -f
grep -l 'Subject: C=US, O=U.S. Government, OU=FPKI, CN=Federal Common Policy CA' *.crt | xargs grep -H 'Issuer:' | grep -v 'Issuer: C=us, O=U.S. Government, OU=FBCA, CN=Common Policy' | cut -f 1 -d : | xargs rm -f
CPCA_TRCA.crt:
wget -O - --no-check-certificate https://pki.treas.gov/CPCA_TRCA.cer | openssl x509 -text > "$@.new"
mv "$@.new" "$@"
|
︙ | | |
29
30
31
32
33
34
35
36
37
38
39
40
41
|
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
|
+
+
+
-
+
+
+
|
fi; \
echo "$${line}" >> "cert-$${idx}.crt"; \
if [ "$${line}" == "-----END CERTIFICATE-----" ]; then \
idx=$$[$$idx + 1]; \
fi; \
done
USG-federal-bundle.pem: certs
../build-tree.sh > "$@"
clean:
rm -f cert-*.crt
rm -f cert-*.crt USG-federal-bundle.pem
rm -f CPCA_TRCA.crt.new root_sia.p7b.new caCertsIssuedTofcpca.p7c.new CommonPolicy.crt.new
distclean: clean
rm -f CPCA_TRCA.crt root_sia.p7b caCertsIssuedTofcpca.p7c CommonPolicy.crt
.PHONY: all certs
|
| |