#!/QOpenSys/usr/bin/ksh# Attribution: Kevin Adler set -e
exportLC_ALL=C LANG=C
OPENSSL=$(which openssl 2> /dev/null)if["$OPENSSL"=""]thenecho"openssl not found"exit1elif["$OPENSSL"='/QOpenSys/usr/bin/openssl']thencase$(uname -v)$(uname -r) in
[1-6]*)echo"Sorry, these releases are not supported";exit1;;71)CERTDIR=/QOpenSys/QIBM/ProdData/SC1/OpenSSL/openssl-0.9.8j/certs ;; *)CERTDIR=/QOpenSys/QIBM/ProdData/SC1/OpenSSL/certs ;;esacelseCERTDIR=/QOpenSys/etc/ssl/certs
fiif which curl > /dev/null 2>&1thenCURL='curl --insecure --silent --location'elif which wget > /dev/null 2>&1thenCURL='wget --no-check-certificate -qO-'elseecho"You need to install either curl or wget. Perhaps they're just not in your PATH?"exit1fi# Create a directory to hold certificatesif["$CERTTMP"=""]thenCERTTMP=/tmp/certs.$$ rm -r $CERTTMP > /dev/null 2>&1|| :
mkdir -p $CERTTMPCLEANUP=Y
fi# GitHub and BitBucket uses DigiCert certificatesfor cert in DigiCertHighAssuranceEVRootCA DigiCertSHA2ExtendedValidationServerCA
do$CURL https://www.digicert.com/CACerts/$cert.crt | openssl x509 -inform der -out $CERTTMP/$cert.pem
done# GitLab uses Comodo certificates$CURL"https://support.comodo.com/index.php?/Knowledgebase/Article/GetAttachment/970/821027" > $CERTTMP/comodorsadomainvalidationsecureserverca.crt
$CURL"https://support.comodo.com/index.php?/Knowledgebase/Article/GetAttachment/969/821026" > $CERTTMP/comodorsacertificationauthority.crt
# Let's Encrypt certificatesfor cert in isrgrootx1 letsencryptauthorityx3
do$CURL https://letsencrypt.org/certs/$cert.pem.txt > $CERTTMP/$cert.pem
donec_rehash $CERTTMP/QOpenSys/usr/bin/cp -h $CERTTMP/* $CERTDIR# Clean up if necessaryif["CLEANUP"="Y"]then rm -r $CERTTMPfi
Comments (0)
HTTPSSSH
You can clone a snippet to your computer for local editing.
Learn more.