Blame | Last modification | View Log | Download | RSS feed
#!/bin/bash
# Check if the required parameters are provided
if [ $# -ne 2 ]; then
echo "Usage: $0 <target_machine> <path_to_ca_cert>"
echo "Example: $0 target_machine /path/to/ca.pem"
exit 1
fi
TARGET_MACHINE=$1
CA_CERT_PATH=$2
CA_ROOT_FILENAME=$(basename "$CA_CERT_PATH")
# Check if the CA certificate file exists locally
if [ ! -f "$CA_CERT_PATH" ]; then
echo "CA certificate not found at $CA_CERT_PATH"
exit 1
fi
# Copy the CA certificate to the target machine
echo "Copying CA certificate $CA_CERT_PATH to $TARGET_MACHINE:/tmp/$CA_ROOT_FILENAME"
scp "$CA_CERT_PATH" root@"$TARGET_MACHINE":/tmp/$CA_ROOT_FILENAME
# Connect to the target machine and determine the OS
ssh root@"$TARGET_MACHINE" << EOF
# Detect the OS
if [ -f /etc/debian_version ]; then
echo "Detected Debian/Devuan system."
# Install the CA certificate
cp /tmp/$CA_ROOT_FILENAME /usr/local/share/ca-certificates/
update-ca-certificates
elif [ -f /etc/redhat-release ]; then
echo "Detected Red Hat/CentOS system."
# Install the CA certificate
cp /tmp/$CA_ROOT_FILENAME /etc/pki/ca-trust/source/anchors/
update-ca-trust
elif [ "$(uname)" = "FreeBSD" ]; then
echo "Detected FreeBSD system."
# Install the CA certificate
cp /tmp/$CA_ROOT_FILENAME /usr/local/share/certs/ca.pem
c_rehash /usr/local/share/certs/
else
echo "Unsupported OS. Exiting."
exit 1
fi
echo "CA certificates updated successfully."
EOF
echo "CA certificate installation completed on $TARGET_MACHINE."