Last active
January 22, 2024 11:16
-
-
Save carlfriedrich/9739617ce9df86a0c439ac51442ec32d to your computer and use it in GitHub Desktop.
import-windows-certificates-to-wsl
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env bash | |
# This script exports certain certificates from Windows and installs them in WSL. | |
# It can be run from WSL using the following command: | |
# | |
# bash -c "$(wget -O - https://gist.githubusercontent.com/carlfriedrich/9739617ce9df86a0c439ac51442ec32d/raw)" | |
# | |
CERTIFICATES=( | |
"ZEIT-SRV-CA" | |
"Zscaler Inc. Root CA" | |
"Zscaler Root CA" | |
) | |
TMP_DIR=$(mktemp -d) | |
pushd ${TMP_DIR} > /dev/null | |
for certificate in "${CERTIFICATES[@]}" | |
do | |
# Replace whitespace with underscores for filename | |
filename=${certificate// /_} | |
# Export certificates from Windows | |
powershell.exe -c " | |
Export-Certificate -Cert @( | |
Get-ChildItem 'cert:\LocalMachine' -recurse | | |
Where-Object { \$_.Subject -match 'CN=${certificate}' } | |
)[0] -FilePath ${filename}.cer -Type CERT" | |
# Convert to Linux format and install in WSL | |
sudo openssl x509 -inform der \ | |
-in ${filename}.cer \ | |
-out /usr/local/share/ca-certificates/${filename}.crt | |
done | |
sudo update-ca-certificates | |
popd > /dev/null | |
rm -rf ${TMP_DIR} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment