1#! /bin/csh -f 2# 3# Build a new X509Anchors or X509Certificates file from all of the certs in 4# specified directory. 5# 6if ( $#argv != 2 ) then 7 echo Usage: buildX509Anchors anchors\|certs anchor_dir 8 exit(1) 9endif 10 11set KCDIR=/System/Library/Keychains 12set CERTSDIR=$argv[2] 13set SECTOOL=/usr/bin/security 14 15switch ( "$argv[1]" ) 16 case anchors: 17 set KCFILE=$KCDIR/X509Anchors 18 set KCFILE_BACK=$KCDIR/X509Anchors_old 19 set KC_PWD=X509Anchors 20 breaksw 21 case certs: 22 set KCFILE=$KCDIR/X509Certificates 23 set KCFILE_BACK=$KCDIR/X509Certificates_old 24 set KC_PWD=X509Certificates 25 breaksw 26 default: 27 echo Usage: buildX509Anchors anchors\|certs anchor_dir 28 exit(1) 29endsw 30 31if ( -e $KCFILE ) then 32 echo Saving old $KCFILE... 33 set cmd="rm -f $KCFILE_BACK" 34 echo $cmd 35 $cmd || exit(1) 36 set cmd="mv $KCFILE $KCFILE_BACK" 37 echo $cmd 38 $cmd || exit(1) 39else 40 echo Warning: no existing $KCFILE! 41endif 42 43set cmd="$SECTOOL create-keychain -p $KC_PWD $KCFILE" 44$cmd || exit(1) 45 46set cmd="cd $CERTSDIR" 47echo $cmd 48$cmd || exit(1) 49foreach i (*) 50 if( ( -f "$i" ) && ( "$i" != X509Anchors) ) then 51 set cmd="$SECTOOL add-certificate -k $KCFILE $i" 52 echo $cmd 53 $SECTOOL add-certificate -k $KCFILE "$i" || exit(1) 54 endif 55end 56echo .../Complete. 57