Instantly share code, notes, and snippets.

Embed
What would you like to do?
Add new certificate (cert) from local/internal intranet to your mac

Add a cert to you macbook

USAGE

~/add_cert.sh my.intra.net

you will be asked for your password to add thit to keychain

  • downloads pem file
  • adds to trusted root certificates
#!/bin/zsh
#
if [ -z "$1" ]; then
echo "provide a domain as an argument"
exit;
fi
d=`date +%Y-%m-%d`
p=~/$1$d.pem
f=~/$1$d.cer
touch $f
touch $p
# path added -- brew openssl....
# echo 'export PATH="/usr/local/opt/openssl@1.1/bin:$PATH"' >> ~/.zshrc
# get pem file
openssl s_client -showcerts -connect "$1:443" -servername $1 </dev/null | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > $p
# https://stackoverflow.com/questions/13732826/convert-pem-to-crt-and-key
openssl x509 -inform PEM -in $p -outform DER -out $f
#cat $f;exit;
# https://github.com/laravel/homestead/pull/773
# https://stackoverflow.com/questions/45263265/use-ssl-on-laravel-homestead
# https://deliciousbrains.com/ssl-certificate-authority-for-local-https-development/
echo "adding cert $f to trusted root certs"
if [[ $( sudo security add-trusted-cert -d -r trustRoot -k /Library/Keychains/System.keychain $f ) ]]
then
echo "killing chrome to get the new certificate"
#pkill -a -i "Google Chrome"
fi
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment