Check-in [69e6931bb8]
Overview
Comment:Added Makefile to generate certs for federal CA chain
Downloads: Tarball | ZIP archive | SQL archive
Timelines: family | ancestors | descendants | both | piv
Files: files | file ages | folders
SHA1:69e6931bb8e17824eb2c44c141990bbd68607de9
User & Date: rkeene on 2013-01-10 05:02:10
Other Links: manifest | tags
Context
2013-01-10
05:07
Added Makefile to download DoD Root CAs check-in: d97a4f9c8a user: rkeene tags: piv
05:02
Added Makefile to generate certs for federal CA chain check-in: 69e6931bb8 user: rkeene tags: piv
05:00
Cleaned up debug messages check-in: cfa10c1ef8 user: rkeene tags: piv
Changes

Added build/certs/federal/Makefile version [f3527cc8d2].

            1  +all: cert-1.crt CPCA_TRCA.crt
            2  +
            3  +CPCA_TRCA.crt:
            4  +	wget -O - --no-check-certificate https://pki.treas.gov/CPCA_TRCA.cer | openssl x509 -text > "$@.new"
            5  +	mv "$@.new" "$@"
            6  +
            7  +caCertsIssuedTofcpca.p7c:
            8  +	wget -O "$@.new" http://http.fpki.gov/fcpca/caCertsIssuedTofcpca.p7c
            9  +	mv "$@.new" "$@"
           10  +
           11  +root_sia.p7b:
           12  +	wget -O "$@.new" --no-check-certificate https://pki.treas.gov/root_sia.p7b
           13  +	mv "$@.new" "$@"
           14  +
           15  +cert-%.crt: root_sia.p7b caCertsIssuedTofcpca.p7c
           16  +	idx=0; \
           17  +	( \
           18  +		openssl pkcs7 -in root_sia.p7b -inform DER -print_certs -text; \
           19  +		openssl pkcs7 -in caCertsIssuedTofcpca.p7c -inform DER -print_certs -text; \
           20  +	) | while IFS='' read -r line; do \
           21  +		if [ -z "$${line}" ]; then \
           22  +			continue; \
           23  +		fi; \
           24  +		echo "$${line}" >> "cert-$${idx}.crt"; \
           25  +		if [ "$${line}" == "-----END CERTIFICATE-----" ]; then \
           26  +			idx=$$[$$idx + 1]; \
           27  +		fi; \
           28  +	done
           29  +	grep -l 'Subject: C=US, O=U.S. Government, OU=Department of the Treasury, OU=Certification Authorities, OU=US Treasury Root CA' cert-*.crt | xargs rm -f
           30  +
           31  +clean:
           32  +	rm -f cert-*.crt
           33  +	rm -f CPCA_TRCA.crt.new root_sia.p7b.new caCertsIssuedTofcpca.p7c.new
           34  +
           35  +distclean: clean
           36  +	rm -f CPCA_TRCA.crt root_sia.p7b caCertsIssuedTofcpca.p7c