### Script installs root.cert.pem to certificate trust store of applications using NSS
### (e.g. Firefox, Thunderbird, Chromium)
### Mozilla uses cert8, Chromium and Chrome use cert9

###
### Requirement: apt install libnss3-tools and curl 
###
apt-get --yes install libnss3-tools
apt-get --yes install curl

### Download and installs it to the OS.  
sudo mkdir /usr/share/ca-certificates/securly
sudo curl -o /usr/share/ca-certificates/securly_ca_2034.crt https://download.securly.com/cert/securly_ca_2034.crt
sudo update-ca-certificates

###############################################################################################################


###
### CA file to install (CUSTOMIZE!) Cert 1
###

sudo curl -o securly_ca_2034.pem  https://download.securly.com/cert/securly_ca_2034.pem

certfile1="securly_ca_2034.pem"
certname1="*.securly.com"

###
### For cert8 (legacy - DBM)
###

for certDB in $(find ~/ -name "cert8.db")
do
    certdir=$(dirname ${certDB});
    certutil -A -n "${certname1}" -t "TCu,Cu,Tu" -i ${certfile1} -d dbm:${certdir}
done


###
### For cert9 (SQL)
###

for certDB in $(find ~/ -name "cert9.db")
do
    certdir=$(dirname ${certDB});
    certutil -A -n "${certname1}" -t "TCu,Cu,Tu" -i ${certfile1} -d sql:${certdir}
done