26 lines
681 B
Bash
26 lines
681 B
Bash
#!/bin/bash
|
|
|
|
set -eo pipefail
|
|
|
|
DESTDIR=/usr/local/share/ca-certificates
|
|
UPDATE_CERTS_CMD=update-ca-certificates
|
|
CERTS="$(cat <<EOF
|
|
https://letsencrypt.org/certs/isrgrootx1.pem
|
|
https://letsencrypt.org/certs/isrg-root-x2.pem
|
|
https://letsencrypt.org/certs/lets-encrypt-r3.pem
|
|
https://letsencrypt.org/certs/lets-encrypt-e1.pem
|
|
https://letsencrypt.org/certs/lets-encrypt-r4.pem
|
|
https://letsencrypt.org/certs/lets-encrypt-e2.pem
|
|
EOF
|
|
)"
|
|
|
|
cd "$DESTDIR"
|
|
|
|
for cert in $CERTS; do
|
|
echo "Downloading '$cert'..."
|
|
filename=$(basename "$cert")
|
|
wget --tries=10 --timeout=30 -O "$filename" "$cert"
|
|
openssl x509 -in "$filename" -inform PEM -out "$filename.crt"
|
|
done
|
|
|
|
$UPDATE_CERTS_CMD |