PeterSurda/ipxe_scripts
1
0
Fork 0
forked from Sysdeploy/ipxe_scripts
Code Issues Pull Requests Projects Releases Wiki Activity

Add iPXE root CA cert

Browse Source
This commit is contained in:
Peter Šurda 2022-09-20 19:28:10 +08:00
parent f552011aed
commit 06e4a2d9ca
Signed by: PeterSurda
GPG Key ID: 3E47497CF67ABB95
1 changed files with 8 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
buildbot/buildbot_steps.sh
View File

@ -46,6 +46,9 @@ function sed_enabled_ipxe_features() {
"${ipxe_src_dir}/src/config/general.h" "${ipxe_src_dir}/src/config/general.h"
done done
echo "Downloading default iPXE CA certificate"
wget -O ipxe_root_ca.crt https://ipxe.org/_media/certs/ca.crt
return 0 return 0
} }
@ -79,7 +82,7 @@ function make_ipxe_lkrn() {
curr="$(pwd)" curr="$(pwd)"
cd "${ipxe_src_dir}/src/" || return 1 cd "${ipxe_src_dir}/src/" || return 1
make bin/ipxe.lkrn EMBED="${embed_file}" CERT="${signing_cert},${ca_cert}" TRUST="${ca_cert}" || return 2 make bin/ipxe.lkrn EMBED="${embed_file}" CERT="ipxe_root_ca.crt,${signing_cert},${ca_cert}" TRUST="ipxe_root_ca.crt,${ca_cert}" || return 2
cd "$curr" cd "$curr"
return 0 return 0
@ -115,7 +118,7 @@ function make_ipxe_iso() {
curr="$(pwd)" curr="$(pwd)"
cd "${ipxe_src_dir}/src/" || return 1 cd "${ipxe_src_dir}/src/" || return 1
make bin/ipxe.iso EMBED="${embed_file}" CERT="${signing_cert},${ca_cert}" TRUST="${ca_cert}" || return 2 make bin/ipxe.iso EMBED="${embed_file}" CERT="ipxe_root_ca.crt,${signing_cert},${ca_cert}" TRUST="ipxe_root_ca.crt,${ca_cert}" || return 2
cd "$curr" cd "$curr"
return 0 return 0
@ -151,7 +154,7 @@ function make_ipxe_dsk() {
curr="$(pwd)" curr="$(pwd)"
cd "${ipxe_src_dir}/src/" || return 1 cd "${ipxe_src_dir}/src/" || return 1
make bin/ipxe.usb EMBED="${embed_file}" CERT="${signing_cert},${ca_cert}" TRUST="${ca_cert}" || return 2 make bin/ipxe.usb EMBED="${embed_file}" CERT="ipxe_root_ca.crt,${signing_cert},${ca_cert}" TRUST="ipxe_root_ca.crt,${ca_cert}" || return 2
cd "$curr" cd "$curr"
return 0 return 0
@ -187,7 +190,7 @@ function make_ipxe_pxe() {
curr="$(pwd)" curr="$(pwd)"
cd "${ipxe_src_dir}/src/" || return 1 cd "${ipxe_src_dir}/src/" || return 1
make bin/ipxe.pxe EMBED="${embed_file}" CERT="${signing_cert},${ca_cert}" TRUST="${ca_cert}" || return 2 make bin/ipxe.pxe EMBED="${embed_file}" CERT="ipxe_root_ca.crt,${signing_cert},${ca_cert}" TRUST="ipxe_root_ca.crt,${ca_cert}" || return 2
cd "$curr" cd "$curr"
return 0 return 0
@ -227,7 +230,7 @@ function make_ipxe_efi() {
curr="$(pwd)" curr="$(pwd)"
cd "${ipxe_src_dir}/src/" || return 1 cd "${ipxe_src_dir}/src/" || return 1
make bin-x86_64-efi/ipxe.efi EMBED="${embed_file}" CERT="${signing_cert},${ca_cert}" TRUST="${ca_cert}" || return 2 make bin-x86_64-efi/ipxe.efi EMBED="${embed_file}" CERT="ipxe_root_ca.crt,${signing_cert},${ca_cert}" TRUST="ipxe_root_ca.crt,${ca_cert}" || return 2
mv bin-x86_64-efi/ipxe.efi bin/ mv bin-x86_64-efi/ipxe.efi bin/
sbsign --key ${efi_key} --cert ${efi_cert} --output bin/ipxe.efi bin/ipxe.efi sbsign --key ${efi_key} --cert ${efi_cert} --output bin/ipxe.efi bin/ipxe.efi