Skip to content

Instantly share code, notes, and snippets.

@mendhak

mendhak/add-all-aws-ca.sh

Last active July 22, 2024 18:14
Show Gist options
  • Save mendhak/ac62bdbb8ff93212f61c454b8fdfb88a to your computer and use it in GitHub Desktop.
Save mendhak/ac62bdbb8ff93212f61c454b8fdfb88a to your computer and use it in GitHub Desktop.
Download ZIP
Script to add all Amazon AWS CAs to the local Ubuntu trust store
Raw
add-all-aws-ca.sh
certdir=/tmp/aws-certs
mkdir -p "${certdir}"
sudo mkdir -p /usr/local/share/ca-certificates/aws/
curl -sS "https://truststore.pki.rds.amazonaws.com/global/global-bundle.pem" > ${certdir}/global-bundle.pem
awk 'split_after == 1 {n++;split_after=0} /-----END CERTIFICATE-----/ {split_after=1}{print > "aws-ca-" n+1 ".crt"}' < ${certdir}/global-bundle.pem
for cert in aws-ca-*; do
sudo mv $cert /usr/local/share/ca-certificates/aws/
done
sudo update-ca-certificates
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment