-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathindex.js
72 lines (60 loc) · 3.45 KB
/
index.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
const csvtojson = require('csvtojson');
const fs = require('fs');
const request = require('axios');
async function appendPEMFromUrl(url, individualFiles=false) {
console.log(`Downloading from URL ${url}`);
const response = await request.get(url, { responseType: 'blob'});
console.log('Parsing csv file');
const jsonData = await csvtojson().fromString(response.data);
const output = []
let i=0;
for (const entry of jsonData) {
// Retrieve PEM Info column and remove quotes in beginning and end
let certPem = entry['PEM Info'].slice(1, -1);
const commonName = entry['Common Name or Certificate Name'] || entry['Certificate Subject Common Name'];
const serialNumber = entry['Certificate Serial Number'];
const issuerOrg = entry['Certificate Issuer Organization']
// Remove empty lines in certPem some certificates were coming with blank line e.g.
// Shopper SSL
// Unizeto Technologies S.A.
// 3ABFBB7CED7B8FFFD9862B934C02AF96
certPem = certPem.replace(/-----BEGIN CERTIFICATE-----\n\n/gm,"-----BEGIN CERTIFICATE-----\n");
certPem = certPem.replace(/-----BEGIN CERTIFICATE-----\r\n\r\n/gm,"-----BEGIN CERTIFICATE-----\n");
certPem = certPem.replace(/-----BEGIN CERTIFICATE-----\r\n\n/gm,"-----BEGIN CERTIFICATE-----\n");
certPem = certPem.replace(/-----BEGIN CERTIFICATE-----\n\r\n/gm,"-----BEGIN CERTIFICATE-----\n");
i+=1;
// Add common Name and serial number
process.stdout.write(`Processing ${commonName}`.padEnd(80)+'\r');
if(individualFiles) {
const fileName = `${commonName.replace(/\W/g, '')}_${i}.pem`;
fs.writeFileSync(fileName, `${commonName}\n${issuerOrg}\n${serialNumber}\n${certPem}\n\n`);
}
output.push(`${commonName}\n${issuerOrg}\n${serialNumber}\n${certPem}\n\n`);
}
process.stdout.write(`All certificates processed`.padEnd(80)+'\r');
console.log(`\nURL ${url} processed\n\n`);
return output.join('');
}
async function build() {
// Ensure dist directory
if (!fs.existsSync('ca_bundle')){
fs.mkdirSync('ca_bundle');
}
// Add intermediate certificates
const ca_intermediate_bundle = await appendPEMFromUrl('https://ccadb-public.secure.force.com/mozilla/PublicAllIntermediateCertsWithPEMCSV');
// Add root certificates
const ca_root_bundle = await appendPEMFromUrl('https://ccadb-public.secure.force.com/mozilla/IncludedCACertificateReportPEMCSV');
fs.writeFileSync('ca_bundle/ca_intermediate_bundle.pem', ca_intermediate_bundle);
fs.writeFileSync('ca_bundle/ca_root_bundle.pem', ca_root_bundle);
fs.writeFileSync('ca_bundle/ca_intermediate_root_bundle.pem', ca_root_bundle + ca_intermediate_bundle);
console.log();
console.log('Intermediate and Root Certificate Bundles from Mozilla generated');
console.log('----------------------------------------------------------------');
console.log('Intermediate certificates only bundle at ca_bundle/ca_intermediate_bundle.pem');
console.log('Root only certificates bundle at ca_bundle/ca_root_bundle.pem');
console.log('Intermediate and Root certificates bundle at ca_bundle/ca_intermediate_root_bundle.pem');
console.log();
console.log('To run your Node script with the bundled certificate run:')
console.log('NODE_EXTRA_CA_CERTS=node_modules/node_extra_ca_certs_mozilla_bundle/ca_bundle/ca_intermediate_root_bundle.pem node your_script.js\n');
}
build();