-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathmerge_cert.sh
More file actions
51 lines (41 loc) · 1.67 KB
/
merge_cert.sh
File metadata and controls
51 lines (41 loc) · 1.67 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
# --- 步骤 1: 定义变量 ---
# 获取系统默认证书路径 (通过 Python certifi 库)
SYS_CERT=$(python3 -c "import certifi; print(certifi.where())")
# 定义 mitmproxy 证书路径 (尝试常见位置)
MITM_CERT=~/.mitmproxy/mitmproxy-ca-cert.pem
if [ ! -f "$MITM_CERT" ]; then
# 如果是 root 运行的 mitmproxy,路径可能在 /root 下
MITM_CERT=/root/.mitmproxy/mitmproxy-ca-cert.pem
fi
# 定义输出文件路径 (放在用户家目录)
MERGED_CERT=~/.mitmproxy/merged_ca_bundle.pem
# --- 步骤 2: 检查文件是否存在 ---
if [ ! -f "$SYS_CERT" ]; then
echo "❌ 错误: 找不到系统证书文件 ($SYS_CERT)。请确保安装了 python3-certifi 或 certifi 包。"
exit 1
fi
if [ ! -f "$MITM_CERT" ]; then
echo "❌ 错误: 找不到 mitmproxy 证书文件 ($MITM_CERT)。"
echo "提示: 请先运行一次 'mitmproxy' 或 'mitmdump' 让它生成证书。"
exit 1
fi
# --- 步骤 3: 执行合并 ---
echo "🔄 正在合并证书..."
echo "源文件 1 (系统): $SYS_CERT"
echo "源文件 2 (Mitm): $MITM_CERT"
echo "目标文件: $MERGED_CERT"
# 先复制系统证书
cat "$SYS_CERT" > "$MERGED_CERT"
# 追加 mitmproxy 证书 (加一个换行符确保格式正确)
echo "" >> "$MERGED_CERT"
cat "$MITM_CERT" >> "$MERGED_CERT"
# --- 步骤 4: 验证结果 ---
echo ""
echo "✅ 合并完成!"
echo "文件大小: $(ls -lh "$MERGED_CERT" | awk '{print $5}')"
echo "证书数量估算: $(grep -c 'BEGIN CERTIFICATE' "$MERGED_CERT") 个"
# --- 步骤 5: 设置环境变量 (临时生效) ---
echo ""
echo "👉 请立即执行以下命令使当前终端生效:"
echo "export SSL_CERT_FILE=$MERGED_CERT"
echo "export REQUESTS_CA_BUNDLE=$MERGED_CERT"