blob: 8120878d75ec469d1ae105399c0320290f412714 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
|
export LC_ALL=C
post_install() {
usr/bin/update-ca-trust
# This should be a normally packaged file, but that would
# require user intervention at upgrade
ln -srf etc/ca-certificates/extracted/tls-ca-bundle.pem \
etc/ssl/certs/ca-certificates.crt
}
post_upgrade() {
usr/bin/update-ca-trust
if (( $(vercmp $2 20140923-7.1) < 0 )); then
cat <<MSG
The way local CA certificates are handled has changed.
If you have added any certificates manually:
1. Move certificates from /usr/local/share/ca-certificates/
to /etc/ca-certificates/trust-source/anchors/
2. Do the same with root certificates added to /etc/ssl/certs/
3. Instead of \`update-ca-certificates\`, run \`trust extract-compat\`
Also see \`man 8 update-ca-trust\` and \`trust --help\`.
MSG
fi
if (( $(vercmp $2 20150402) < 0 )); then
ln -srf etc/ca-certificates/extracted/tls-ca-bundle.pem \
etc/ssl/certs/ca-certificates.crt
# Moved to etc/ca-certificates/extracted
rm -f etc/ssl/certs/ca-bundle.trust.crt
fi
}
pre_remove() {
usr/bin/update-ca-trust
rm -f etc/ssl/certs/{ca-certificates.crt,java/cacerts}
}
# vim:set noet ts=8 sw=8 sts=0:
|
