feat(certs): override the cacert package to always trust my own CA
This commit is contained in:
parent
c79262d95c
commit
8d0a36614c
3 changed files with 43 additions and 0 deletions
33
nixos/certs/myCA.pem
Normal file
33
nixos/certs/myCA.pem
Normal file
|
|
@ -0,0 +1,33 @@
|
||||||
|
-----BEGIN CERTIFICATE-----
|
||||||
|
MIIFxzCCA6+gAwIBAgIUJMyGRYgYzmcIdliK3ZF66swZb08wDQYJKoZIhvcNAQEL
|
||||||
|
BQAwczELMAkGA1UEBhMCRlIxDzANBgNVBAgMBkZyYW5jZTEXMBUGA1UECgwOS2hh
|
||||||
|
w4PCr3MgQ09MSU4xFDASBgNVBAMMC25peG9zLmxvY2FsMSQwIgYJKoZIhvcNAQkB
|
||||||
|
FhVraGFpcy5jb2xpbkBnbWFpbC5jb20wHhcNMjQwODExMDgzNTE1WhcNMjUwODEx
|
||||||
|
MDgzNTE1WjBzMQswCQYDVQQGEwJGUjEPMA0GA1UECAwGRnJhbmNlMRcwFQYDVQQK
|
||||||
|
DA5LaGHDg8KvcyBDT0xJTjEUMBIGA1UEAwwLbml4b3MubG9jYWwxJDAiBgkqhkiG
|
||||||
|
9w0BCQEWFWtoYWlzLmNvbGluQGdtYWlsLmNvbTCCAiIwDQYJKoZIhvcNAQEBBQAD
|
||||||
|
ggIPADCCAgoCggIBAMvggjAbpoV+GFRJ3stnAmalq6UtfiMayLw3qTECPEUz2YU1
|
||||||
|
xZxxLtv/SgkHTvHnAJCFNc+QY6b0OijJXyOLnDb57P2bBc50PQ4wrYcvMQIaCcwq
|
||||||
|
mPWyE6k7GahdPDbhc4fs818qPDcod2BqR3Vn3BeGurAFEDZGXk15jn1yxn49zWx7
|
||||||
|
TcJ9/5t9Wi4qvTyy3Jxymw1YWYGC4YtYRe0ajngRbkgMEp3ChHF0kIXZJCxrVWIy
|
||||||
|
v4EAxlUsiGF5xYZVzrHMr3squ7GmO6iX6xQDrDY/h17p40C+Uwzl1XqAilETt+/p
|
||||||
|
ThOLjQrOUCgYVV7+0wQr72LpYb+k8EuGzo2CAzUCIJHQqEuhYJK3x8GEeht8OgrL
|
||||||
|
/8ffWDLMXiEuMtNaP0WINYPV5rwTG3Bn7sb61Yr7S8XJ+XyjIx7k+A5k9ApuN3yG
|
||||||
|
5McVn9TqpIIYMACexyLEPEkYYOVNyhVsh8F9h+fW358c3scp+YAj+tUDqr7h70Yc
|
||||||
|
SA57T0hESPi5GkKxPCaARdz5wjJfN44XjYci6u/oMu8ROJuVUEmaa83ISjgeVxd/
|
||||||
|
NZsiBKHEup1t+GqpfBBd3jCVwml8agPIOGxWvS7bWjDy3368wtWR1iTPG3e/Wld9
|
||||||
|
1U2fJ2KE6NDrcrjesvIQf0nnWSL8NLC4xpqOu3lDaYau4jef5xYyIUJihN7XAgMB
|
||||||
|
AAGjUzBRMB0GA1UdDgQWBBQcge+CfVA8SyQCQmMsZurYj2KDlzAfBgNVHSMEGDAW
|
||||||
|
gBQcge+CfVA8SyQCQmMsZurYj2KDlzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3
|
||||||
|
DQEBCwUAA4ICAQAHRoze2hwvrxGZ+G0V94AD/D5Dc6T3rJHcvXrJaDiTwkyx9igp
|
||||||
|
VOjYG+KWSbX0RT2Zrg4LrmneLZ0H2eMtuU7yaLzsKip6AC1RwJdhjMUjrr9qO7t7
|
||||||
|
f9iRGjpCCOS83aHuuIdeWVUqSSKtcx5xtlFH7wEyXp2/Z5q5ceuMXN41C6uAhhyt
|
||||||
|
CEdI5dxMUdNshA81N7lhMJbIMgiitQLMLrS1agTqEpAjFPy9nNri27SR5LryWDQ5
|
||||||
|
iAhjMl4VpHUmO72Nl+5a+h/BXJVcAR9p7ON7ZMKh4adulGfrFIkyb9yz8SMw4QzL
|
||||||
|
UBLAHcztiYWnM0W4YNbiok5qgLBPU9jebFYc3tVFozdokBlG94TMz/lIte0Kq1Ro
|
||||||
|
zdR64Q3lduqpnsnL8F7ud1Xxg/jNWc7kjPbt7jncF6YZcfz6UYw7ZbKjU+P5qFEE
|
||||||
|
3ZPVTNk0B9A9hbjyyARN/6bVvfzNHynRHHxbjK2jhiTAcnzZ8HKr1BZr5670UXxZ
|
||||||
|
3FSmYmdYH6ESn1Kuvz4cwa1CmBRirV+KWyGhT9QRoiRlPDMfpQgUzAEo9438uRV+
|
||||||
|
1EbnLt6aqy1kuBQPonLbvySfzFthwa4RPBMsDAOZN27GhY1mihtI6lxTEB1iV4Nx
|
||||||
|
T8U50GsQuw3J0EAWhhpM4BPFOye6RWY8/cPcl6lY2Ddhfn9J5viqhQj2iA==
|
||||||
|
-----END CERTIFICATE-----
|
||||||
|
|
@ -127,6 +127,10 @@ in
|
||||||
|
|
||||||
# Allow unfree packages
|
# Allow unfree packages
|
||||||
nixpkgs.config.allowUnfree = true;
|
nixpkgs.config.allowUnfree = true;
|
||||||
|
# configure overlays
|
||||||
|
nixpkgs.overlays = [
|
||||||
|
(import ./overlays/cacert.nix)
|
||||||
|
];
|
||||||
|
|
||||||
# List packages installed in system profile. To search, run:
|
# List packages installed in system profile. To search, run:
|
||||||
# $ nix search wget
|
# $ nix search wget
|
||||||
|
|
|
||||||
6
nixos/overlays/cacert.nix
Normal file
6
nixos/overlays/cacert.nix
Normal file
|
|
@ -0,0 +1,6 @@
|
||||||
|
self: super:
|
||||||
|
{
|
||||||
|
cacert = super.cacert.override {
|
||||||
|
extraCertificateFiles = [ ../certs/myCA.pem ];
|
||||||
|
};
|
||||||
|
}
|
||||||
Loading…
Add table
Add a link
Reference in a new issue