#!/bin/bash
#
#	This script is a placeholder for a local certificate authority (CA)
#	to be a recognized certificate authority.
#
#	This script must be run as root.
#
#	Works on both CentOS and Ubuntu.
#
set -x
cat >/tmp/aafcacert.crt <<'!EOF'
-----BEGIN CERTIFICATE-----
****************************************************************
****************************************************************
****************************************************************
****************************************************************
****************************************************************
****************************************************************
****************************************************************
****************************************************************
*******   PUT REAL CERTIFICATE HERE ****************************
****************************************************************
****************************************************************
****************************************************************
****************************************************************
****************************************************************
****************************************************************
****************************************************************
****************************************************************
****************************************************************
****************************************************************
-----END CERTIFICATE-----
!EOF
chmod 444 /tmp/aafcacert.crt
if [ -f /etc/redhat-release ]
then
	mv /tmp/aafcacert.crt /etc/pki/ca-trust/source/anchors/aafcacert.pem
	update-ca-trust
else
	mv /tmp/aafcacert.crt /usr/local/share/ca-certificates/aafcacert.crt
	update-ca-certificates
fi