You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
61 lines
1.5 KiB
61 lines
1.5 KiB
Name: ca-certificates-custom
|
|
Version: 0.0.1
|
|
Release: rh1
|
|
Summary: Custom CA Certificates
|
|
License: BSD
|
|
Source0: custom-ca.crt
|
|
Source1: haproxy-tls.crt
|
|
Requires(post): ca-certificates
|
|
Requires(postun): ca-certificates
|
|
BuildArch: noarch
|
|
|
|
%description
|
|
Custom CA certificates
|
|
|
|
# We are evil, we have no changelog !
|
|
%global source_date_epoch_from_changelog 0
|
|
|
|
%prep
|
|
##
|
|
## If you do not have a real CA certificate, you can generate one with:
|
|
##
|
|
# openssl req -new -nodes -keyout custom-ca.key -out custom-ca.crt -x509 -subj '/CN=Custom CA'
|
|
cp %{S:0} custom-ca.crt
|
|
cp %{S:1} haproxy-tls.crt
|
|
|
|
%build
|
|
|
|
%install
|
|
install -m 0644 -D custom-ca.crt %{buildroot}/etc/pki/ca-trust/source/anchors/custom-ca.crt
|
|
install -m 0644 -D haproxy-tls.crt %{buildroot}/etc/pki/ca-trust/source/anchors/haproxy-tls.crt
|
|
|
|
%files
|
|
%config %attr(0644, root, root) /etc/pki/ca-trust/source/anchors/custom-ca.crt
|
|
%config %attr(0644, root, root) /etc/pki/ca-trust/source/anchors/haproxy-tls.crt
|
|
|
|
%post
|
|
##
|
|
## You can verify the post script is working by running the following command
|
|
## after the RPM installation:
|
|
##
|
|
#
|
|
# user@localhost$ grep -i custom /etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem
|
|
# Custom CA
|
|
# user@localhost$ echo $?
|
|
# 0
|
|
#
|
|
update-ca-trust extract
|
|
|
|
%postun
|
|
##
|
|
## You can verify the postun script is working by running the following command
|
|
## after the RPM un-installation:
|
|
##
|
|
#
|
|
# user@localhost$ grep -i custom /etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem
|
|
# user@localhost$ echo $?
|
|
# 1
|
|
#
|
|
update-ca-trust extract
|
|
|
|
%changelog
|
|
|