Jenkins/resources/com/cadoles/common/add-letsencrypt-ca.sh

34 lines
847 B
Bash
Raw Normal View History

#!/bin/sh
set -eo pipefail
DESTDIR=/usr/local/share/ca-certificates
if [ ! -d "$DESTDIR" ]; then
DESTDIR=/etc/pki/ca-trust/source/anchors
fi
UPDATE_CERTS_CMD=update-ca-certificates
if [ -z "$(which $UPDATE_CERTS_CMD)" ]; then
UPDATE_CERTS_CMD="update-ca-trust extract"
fi
CERTS="$(cat <<EOF
https://letsencrypt.org/certs/isrgrootx1.pem
https://letsencrypt.org/certs/isrg-root-x2.pem
https://letsencrypt.org/certs/lets-encrypt-r3.pem
https://letsencrypt.org/certs/lets-encrypt-e1.pem
https://letsencrypt.org/certs/lets-encrypt-r4.pem
https://letsencrypt.org/certs/lets-encrypt-e2.pem
EOF
)"
cd "$DESTDIR"
for cert in $CERTS; do
echo "Downloading '$cert'..."
filename=$(basename "$cert")
wget --tries=10 --timeout=30 -O "$filename" "$cert"
openssl x509 -in "$filename" -inform PEM -out "$filename.crt"
done
$UPDATE_CERTS_CMD