#!/bin/bash
set -e # stop and exit on any error

PROJECT_DOMAIN="code-dev.g4dge7.com"
PROJECT_NAME="Gadget Code"

#
# Add certificates to OS store for general system use
#

echo "Installing Root CA..."
sudo cp "${PROJECT_DOMAIN}.rootCA.crt" /usr/local/share/ca-certificates/

echo "Installing self-signed development certificate..."
sudo cp "${PROJECT_DOMAIN}.crt" /usr/local/share/ca-certificates/

sudo update-ca-certificates --fresh

#
# Add development certificates to NSS database for Chromium and others
#

certutil -A -d ~/.pki/nssdb/ \
  -t "T,T,T" \
  -i "${PROJECT_DOMAIN}.rootCA.crt" \
  -n "${PROJECT_NAME} Root CA"

certutil -A -d ~/.pki/nssdb/ \
  -t "C,C,C" \
  -i "${PROJECT_DOMAIN}.crt" \
  -n "${PROJECT_NAME} Development"

#
# Display list of registered certificates in NSS database
#

certutil -L -d ~/.pki/nssdb/
