| 185 |
rodolico |
1 |
#!/bin/bash
|
|
|
2 |
|
|
|
3 |
# Check if the required parameters are provided
|
|
|
4 |
if [ $# -ne 2 ]; then
|
|
|
5 |
echo "Usage: $0 <target_machine> <path_to_ca_cert>"
|
|
|
6 |
echo "Example: $0 target_machine /path/to/ca.pem"
|
|
|
7 |
exit 1
|
|
|
8 |
fi
|
|
|
9 |
|
|
|
10 |
TARGET_MACHINE=$1
|
|
|
11 |
CA_CERT_PATH=$2
|
|
|
12 |
CA_ROOT_FILENAME=$(basename "$CA_CERT_PATH")
|
|
|
13 |
|
|
|
14 |
# Check if the CA certificate file exists locally
|
|
|
15 |
if [ ! -f "$CA_CERT_PATH" ]; then
|
|
|
16 |
echo "CA certificate not found at $CA_CERT_PATH"
|
|
|
17 |
exit 1
|
|
|
18 |
fi
|
|
|
19 |
|
|
|
20 |
# Copy the CA certificate to the target machine
|
|
|
21 |
echo "Copying CA certificate $CA_CERT_PATH to $TARGET_MACHINE:/tmp/$CA_ROOT_FILENAME"
|
|
|
22 |
scp "$CA_CERT_PATH" root@"$TARGET_MACHINE":/tmp/$CA_ROOT_FILENAME
|
|
|
23 |
|
|
|
24 |
# Connect to the target machine and determine the OS
|
|
|
25 |
ssh root@"$TARGET_MACHINE" << EOF
|
|
|
26 |
# Detect the OS
|
|
|
27 |
if [ -f /etc/debian_version ]; then
|
|
|
28 |
echo "Detected Debian/Devuan system."
|
|
|
29 |
# Install the CA certificate
|
|
|
30 |
cp /tmp/$CA_ROOT_FILENAME /usr/local/share/ca-certificates/
|
|
|
31 |
update-ca-certificates
|
|
|
32 |
|
|
|
33 |
elif [ -f /etc/redhat-release ]; then
|
|
|
34 |
echo "Detected Red Hat/CentOS system."
|
|
|
35 |
# Install the CA certificate
|
|
|
36 |
cp /tmp/$CA_ROOT_FILENAME /etc/pki/ca-trust/source/anchors/
|
|
|
37 |
update-ca-trust
|
|
|
38 |
|
|
|
39 |
elif [ "$(uname)" = "FreeBSD" ]; then
|
|
|
40 |
echo "Detected FreeBSD system."
|
|
|
41 |
# Install the CA certificate
|
|
|
42 |
cp /tmp/$CA_ROOT_FILENAME /usr/local/share/certs/ca.pem
|
|
|
43 |
c_rehash /usr/local/share/certs/
|
|
|
44 |
|
|
|
45 |
else
|
|
|
46 |
echo "Unsupported OS. Exiting."
|
|
|
47 |
exit 1
|
|
|
48 |
fi
|
|
|
49 |
|
|
|
50 |
echo "CA certificates updated successfully."
|
|
|
51 |
EOF
|
|
|
52 |
|
|
|
53 |
echo "CA certificate installation completed on $TARGET_MACHINE."
|