1
2
3
4
5
6
7
8
|
all: cert-1.crt CPCA_TRCA.crt CommonPolicy.crt
grep -l 'Issuer: C=US, O=U.S. Government, OU=FPKI, CN=Federal Bridge CA' *.crt | xargs rm -f
grep -l 'Subject: C=US, O=U.S. Government, OU=FPKI, CN=Federal Common Policy CA' *.crt | xargs grep -H 'Issuer:' | grep -v 'Issuer: C=us, O=U.S. Government, OU=FBCA, CN=Common Policy' | cut -f 1 -d : | xargs rm -f
CPCA_TRCA.crt:
wget -O - --no-check-certificate https://pki.treas.gov/CPCA_TRCA.cer | openssl x509 -text > "$@.new"
mv "$@.new" "$@"
|
>
>
|
|
1
2
3
4
5
6
7
8
9
10
|
all: certs USG-federal-bundle.pem
certs: cert-1.crt CPCA_TRCA.crt CommonPolicy.crt
grep -l 'Issuer: C=US, O=U.S. Government, OU=FPKI, CN=Federal Bridge CA' *.crt | xargs rm -f
grep -l 'Subject: C=US, O=U.S. Government, OU=FPKI, CN=Federal Common Policy CA' *.crt | xargs grep -H 'Issuer:' | grep -v 'Issuer: C=us, O=U.S. Government, OU=FBCA, CN=Common Policy' | cut -f 1 -d : | xargs rm -f
CPCA_TRCA.crt:
wget -O - --no-check-certificate https://pki.treas.gov/CPCA_TRCA.cer | openssl x509 -text > "$@.new"
mv "$@.new" "$@"
|
29
30
31
32
33
34
35
36
37
38
39
40
41
|
fi; \
echo "$${line}" >> "cert-$${idx}.crt"; \
if [ "$${line}" == "-----END CERTIFICATE-----" ]; then \
idx=$$[$$idx + 1]; \
fi; \
done
clean:
rm -f cert-*.crt
rm -f CPCA_TRCA.crt.new root_sia.p7b.new caCertsIssuedTofcpca.p7c.new CommonPolicy.crt.new
distclean: clean
rm -f CPCA_TRCA.crt root_sia.p7b caCertsIssuedTofcpca.p7c CommonPolicy.crt
|
>
>
>
>
>
>
|
>
>
|
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
|
fi; \
echo "$${line}" >> "cert-$${idx}.crt"; \
if [ "$${line}" == "-----END CERTIFICATE-----" ]; then \
idx=$$[$$idx + 1]; \
fi; \
done
USG-federal-bundle.pem: certs
../build-tree.sh > "$@"
USG-federal-bundle.pk7: USG-federal-bundle.pem
openssl crl2pkcs7 -outform der -nocrl -certfile USG-federal-bundle.pem > USG-federal-bundle.pk7
clean:
rm -f cert-*.crt USG-federal-bundle.pem USG-federal-bundle.pk7
rm -f CPCA_TRCA.crt.new root_sia.p7b.new caCertsIssuedTofcpca.p7c.new CommonPolicy.crt.new
distclean: clean
rm -f CPCA_TRCA.crt root_sia.p7b caCertsIssuedTofcpca.p7c CommonPolicy.crt
.PHONY: all certs
|