Changeset 540d060

Timestamp:

08/12/2014 01:18:44 AM (10 years ago)

Author:

Bruce Dubbs <bdubbs@…>

Branches:

10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 12.0, 12.1, 7.10, 7.6, 7.7, 7.8, 7.9, 8.0, 8.1, 8.2, 8.3, 8.4, 9.0, 9.1, basic, bdubbs/svn, elogind, kea, ken/TL2024, ken/inkscape-core-mods, ken/tuningfonts, krejzi/svn, lazarus, lxqt, nosym, perl-modules, plabs/newcss, plabs/python-mods, python3.11, qt5new, rahul/power-profiles-daemon, renodr/vulkan-addition, trunk, upgradedb, xry111/intltool, xry111/llvm18, xry111/soup3, xry111/test-20220226, xry111/xf86-video-removal

Children:

009eb04

Parents:

db22f6c

Message:

Clean up CA Certificate install instructions

git-svn-id: svn://svn.linuxfromscratch.org/BLFS/trunk/BOOK@13885 af4574ff-66df-0310-9fd7-8a98e5e911e0

Files:

• introduction/welcome/changelog.xml (modified) (1 diff)
• postlfs/security/cacerts.xml (modified) (8 diffs)

introduction/welcome/changelog.xml

@@ -49 +49 @@
       <itemizedlist>
         <listitem>
-          <para>[igor] - Update to lvm2.2.02.109. Fixes
+          <para>[bdubbs] - Clean up CA Certificate install instructions. Fixes
+          <ulink url="&blfs-ticket-root;5350">#5350</ulink>.</para>
+        </listitem>
+        <listitem>
+          <para>[bdubbs] - Update to lvm2.2.02.109. Fixes
           <ulink url="&blfs-ticket-root;5333">#5333</ulink>.</para>
         </listitem>

postlfs/security/cacerts.xml

@@ -82 +82 @@
     class="username">root</systemitem> user:</para>
 
-<screen role="root"><userinput>cat > /bin/make-cert.pl &lt;&lt; "EOF"
+<screen role="root"><userinput>cat > /usr/bin/make-cert.pl &lt;&lt; "EOF"
 <literal>#!/usr/bin/perl -w
 
@@ -134 +134 @@
 EOF
 
-chmod +x /bin/make-cert.pl</userinput></screen>
+chmod +x /usr/bin/make-cert.pl</userinput></screen>
 
    <para>The following script creates the certificates and a bundle of all the
@@ -142 +142 @@
    user:</para>
 
-<screen role="root"><userinput>cat > /bin/make-ca.sh &lt;&lt; "EOF"
+<screen role="root"><userinput>cat > /usr/bin/make-ca.sh &lt;&lt; "EOF"
 <literal>#!/bin/sh
 # Begin make-ca.sh
@@ -174 +174 @@
 TRUSTATTRIBUTES="CKA_TRUST_SERVER_AUTH"
 BUNDLE="BLFS-ca-bundle-${VERSION}.crt"
-CONVERTSCRIPT="/bin/make-cert.pl"
+CONVERTSCRIPT="/usr/bin/make-cert.pl"
 SSLDIR="/etc/ssl"
 
@@ -240 +240 @@
 EOF
 
-chmod +x /bin/make-ca.sh</userinput></screen>
+chmod +x /usr/bin/make-ca.sh</userinput></screen>
 
    <para>Add a short script to remove expired certificates from a directory.
@@ -246 +246 @@
    class="username">root</systemitem> user:</para>
 
-<screen role="root"><userinput>cat > /bin/remove-expired-certs.sh &lt;&lt; "EOF"
+<screen role="root"><userinput>cat > /usr/bin/remove-expired-certs.sh &lt;&lt; "EOF"
 <literal>#!/bin/sh
-# Begin /bin/remove-expired-certs.sh
+# Begin /usr/bin/remove-expired-certs.sh
 #
 # Version 20120211
@@ -302 +302 @@
 EOF
 
-chmod +x /bin/remove-expired-certs.sh</userinput></screen>
+chmod +x /usr/bin/remove-expired-certs.sh</userinput></screen>
 
    <para>The following commands will fetch the certificates and convert them to
@@ -310 +310 @@
    necessary to update the CA Certificates.</para>
 
-   <screen><userinput>certhost='http://mxr.mozilla.org'                        &amp;&amp;
-certdir='/mozilla/source/security/nss/lib/ckfw/builtins' &amp;&amp;
-url="$certhost$certdir/certdata.txt?raw=1"               &amp;&amp;
-
-wget --output-document certdata.txt $url &amp;&amp;
-unset certhost certdir url               &amp;&amp;
-make-ca.sh                               &amp;&amp;
+   <screen><userinput>URL=&sources-anduin-other-http;/certdata.txt &amp;&amp;
+rm -f certdata.txt &amp;&amp;
+wget $URL          &amp;&amp;
+make-ca.sh         &amp;&amp;
 remove-expired-certs.sh certs</userinput></screen>
 
    <para>Now, as the <systemitem class="username">root</systemitem> user:</para>
 
-<screen role="root"><userinput>SSLDIR=/etc/ssl                                             &amp;&amp;
-install -d ${SSLDIR}/certs                                  &amp;&amp;
-cp -v certs/*.pem ${SSLDIR}/certs                           &amp;&amp;
-c_rehash                                                    &amp;&amp;
-install BLFS-ca-bundle*.crt ${SSLDIR}/ca-bundle.crt         &amp;&amp;
-ln -sv ../ca-bundle.crt ${SSLDIR}/certs/ca-certificates.crt &amp;&amp;
+<screen role="root"><userinput>SSLDIR=/etc/ssl                                              &amp;&amp;
+install -d ${SSLDIR}/certs                                   &amp;&amp;
+cp -v certs/*.pem ${SSLDIR}/certs                            &amp;&amp;
+c_rehash                                                     &amp;&amp;
+install BLFS-ca-bundle*.crt ${SSLDIR}/ca-bundle.crt          &amp;&amp;
+ln -sfv ../ca-bundle.crt ${SSLDIR}/certs/ca-certificates.crt &amp;&amp;
 unset SSLDIR</userinput></screen>