StevePlace68/cert-splitter.sh

## cert-splitter.sh
#!/bin/bash

# Define file locations/password, change to match your machine
CA_BUNDLE="/etc/ssl/certs/ca-bundle.crt"
TRUSTSTORE="/path/to/my-truststore.jks"
TRUSTSTORE_PASS="changeit"

# Split the ca-bundle.crt into individual certificates
csplit -sz "$CA_BUNDLE" '/-----BEGIN CERTIFICATE-----/' '{*}'

# Loop through the split files, import each into the Java KeyStore
for CERT in xx*; do
  # Generate an alias from the certificate file
  ALIAS=$(openssl x509 -noout -subject -in "$CERT" | sed -e "s/.*CN=\(.*\)/\1/")

  # Import the certificate
  keytool -import -noprompt -trustcacerts -file "$CERT" -alias "$ALIAS" -keystore "$TRUSTSTORE" -storepass "$TRUSTSTORE_PASS"

  # Clean up the temporary certificate file
  rm "$CERT"
done

echo "All certificates have been imported into the truststore."
	#!/bin/bash

	# Define file locations/password, change to match your machine
	CA_BUNDLE="/etc/ssl/certs/ca-bundle.crt"
	TRUSTSTORE="/path/to/my-truststore.jks"
	TRUSTSTORE_PASS="changeit"

	# Split the ca-bundle.crt into individual certificates
	csplit -sz "$CA_BUNDLE" '/-----BEGIN CERTIFICATE-----/' '{*}'

	# Loop through the split files, import each into the Java KeyStore
	for CERT in xx*; do
	# Generate an alias from the certificate file
	ALIAS=$(openssl x509 -noout -subject -in "$CERT" \| sed -e "s/.CN=\(.\)/\1/")

	# Import the certificate
	keytool -import -noprompt -trustcacerts -file "$CERT" -alias "$ALIAS" -keystore "$TRUSTSTORE" -storepass "$TRUSTSTORE_PASS"

	# Clean up the temporary certificate file
	rm "$CERT"
	done

	echo "All certificates have been imported into the truststore."