Last active
July 22, 2024 18:14
-
-
Save mendhak/ac62bdbb8ff93212f61c454b8fdfb88a to your computer and use it in GitHub Desktop.
Script to add all Amazon AWS CAs to the local Ubuntu trust store
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| certdir=/tmp/aws-certs | |
| mkdir -p "${certdir}" | |
| sudo mkdir -p /usr/local/share/ca-certificates/aws/ | |
| curl -sS "https://truststore.pki.rds.amazonaws.com/global/global-bundle.pem" > ${certdir}/global-bundle.pem | |
| awk 'split_after == 1 {n++;split_after=0} /-----END CERTIFICATE-----/ {split_after=1}{print > "aws-ca-" n+1 ".crt"}' < ${certdir}/global-bundle.pem | |
| for cert in aws-ca-*; do | |
| sudo mv $cert /usr/local/share/ca-certificates/aws/ | |
| done | |
| sudo update-ca-certificates |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment