fijimunkii · April 24, 2018 20:33
diff --git a/install_certs_linux.sh b/install_certs_linux.sh
 #!/usr/bin/env bash

 set -e
 set -u
 set -o pipefail

 DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"

 if [ -d "$HOME/.pki/nssdb" ]; then
  echo "cert db already initialized"
  exit 1
 fi

 CERT_DB_PASSWORD_FILE=$(mktemp -q) \
  && head /dev/urandom | tr -dc A-Za-z0-9 | head -c 13 > $CERT_DB_PASSWORD_FILE \
  && mkdir -p $HOME/.pki/nssdb && certutil -d $HOME/.pki/nssdb -N -f $CERT_DB_PASSWORD_FILE

 for file in $DIR/cert/*.p12; do
  [ -e "$file" ] || continue
  pk12util -d sql:$HOME/.pki/nssdb -i $file -w $file.pass -k $CERT_DB_PASSWORD_FILE
 done

 shred -vzn 2 $CERT_DB_PASSWORD_FILE
	#!/usr/bin/env bash

	set -e
	set -u
	set -o pipefail

	DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"

	if [ -d "$HOME/.pki/nssdb" ]; then
	echo "cert db already initialized"
	exit 1
	fi

	CERT_DB_PASSWORD_FILE=$(mktemp -q) \
	&& head /dev/urandom \| tr -dc A-Za-z0-9 \| head -c 13 > $CERT_DB_PASSWORD_FILE \
	&& mkdir -p $HOME/.pki/nssdb && certutil -d $HOME/.pki/nssdb -N -f $CERT_DB_PASSWORD_FILE

	for file in $DIR/cert/*.p12; do
	[ -e "$file" ] \|\| continue
	pk12util -d sql:$HOME/.pki/nssdb -i $file -w $file.pass -k $CERT_DB_PASSWORD_FILE
	done

	shred -vzn 2 $CERT_DB_PASSWORD_FILE