#!/bin/bash echo ================================================== echo == AQSI SSL certificate update \(2026\) echo == \(c\) by Andrey Bogdanov echo ================================================== TMP_DIR=/tmp/tmp_cert CERT_URL=https://cube-data.aqsi.ru/cert CERT_DIR=/usr/share/ca-certificates/mozilla FONT_BOLD="\033[1m" FONT_NORMAL="\033[0m" FONT_RED="\033[31m" FONT_GREEN="\033[32m" FONT_YELLOW="\033[33m" ######################################################################## # Install certificate ######################################################################## install_cert() { CERT_CONF=/etc/ca-certificates.conf cert_name=$1 echo -e $FONT_YELLOW"Install certificate ["$cert_name"]"$FONT_NORMAL echo wget --verbose -P $TMP_DIR $CERT_URL/$cert_name wget --verbose -P $TMP_DIR $CERT_URL/$cert_name if [ -f $TMP_DIR/$cert_name ]; then mv -f $TMP_DIR/$cert_name $CERT_DIR/$cert_name echo -e $FONT_YELLOW"Adding lines to ["$CERT_CONF"]"$FONT_NORMAL if grep $cert_name $CERT_CONF then echo "" else echo "mozilla/"$cert_name echo "mozilla/"$cert_name >> $CERT_CONF fi else echo -e $FONT_RED"Failed to load certificate"$FONT_NORMAL fi } ##################################################################### # BEGIN MAIN #################################################################### # Remove wrong file aqsi-cacert.pem if [ -f /etc/ssl/certs/aqsi-cacert.pem ] then echo "Remove wrong file aqsi-cacert.pem" rm -f /etc/ssl/certs/aqsi-cacert.pem fi # If TMP_DIR does not exist - create if ! [ -d $TMP_DIR ] then mkdir $TMP_DIR else # If TMP_DIR exists - clear old files rm -f $TMP_DIR/* fi install_cert aqsi_root.crt install_cert CAAqsiAdmin.crt install_cert russian_root_ca.crt install_cert russian_trusted_sub_ca.crt install_cert russian_trusted_sub_ca_2024.crt echo -e $FONT_YELLOW"Execute: [update-ca-certificates]"$FONT_NORMAL update-ca-certificates