+#!/bin/sh
echo "Generating CA"
-openssl req -new -x509 -days 3650 -extensions v3_ca -keyout gnscakey.pem -out gnscacert.pem -subj "/C=DE/ST=Bavaria/L=Munich/O=TUM/OU=IN/CN=GNS Proxy CA/emailAddress=bounce@gnunet.org" -passout pass:"GNUnet Naming System"
+openssl req -new -x509 -days 3650 -extensions v3_ca -keyout gnscakey.pem -out gnscacert.pem -subj "/C=TNR/L=World/O=GNU/OU=GNUnet/CN=GNS Proxy CA/emailAddress=bounce@gnunet.org" -passout pass:"GNU Name System"
echo "Removing passphrase from key"
-openssl rsa -passin pass:"GNUnet Naming System" -in gnscakey.pem -out gnscakeynoenc.pem
+openssl rsa -passin pass:"GNU Name System" -in gnscakey.pem -out gnscakeynoenc.pem
cp gnscacert.pem $HOME/.gnunet/gns/gnscert.pem
cat gnscacert.pem > $HOME/.gnunet/gns/gnsCAcert.pem
cat gnscakeynoenc.pem >> $HOME/.gnunet/gns/gnsCAcert.pem
+echo "Importing CA into browsers"
+for f in ~/.mozilla/firefox/*.default
+do
+ if [ -d $f ]; then
+ echo "Importing CA info firefox $f"
+ certutil -D -n "GNS Proxy CA" -d ~/.mozilla/firefox/*.default >/dev/null 2&>1
+ certutil -A -n "GNS Proxy CA" -t CT,, -d ~/.mozilla/firefox/*.default < gnscacert.pem
+ fi
+done
+
+if [ -d ~/.pki/nssdb ]; then
+ echo "Importing CA into chrome"
+ certutil -D -n "GNS Proxy CA" -d ~/.pki/nssdb >/dev/null 2&>1
+ certutil -A -n "GNS Proxy CA" -t CT,, -d ~/.pki/nssdb < gnscacert.pem
+fi
+
+
rm gnscakey.pem gnscakeynoenc.pem gnscacert.pem
-echo "Next steps:"
-echo "1. The new CA will be used automatically by the proxy with the default settings"
-echo "2. Please import the certificate $HOME/.gnunet/gns/gnscert.pem into the browser of your choice"
-echo "3. Start gnunet-gns-proxy and configure your broser to use a SOCKS proxy on port 7777"
+echo "You can now start gnunet-gns-proxy and configure your browser to use a SOCKS proxy on port 7777"
projects / oweals / gnunet.git / blobdiff