about summary refs log tree commit diff stats
diff options
context:
space:
mode:
authorDavid Morgan <djm_uk@protonmail.com>2024-09-11 15:13:37 +0100
committerDavid Morgan <djm_uk@protonmail.com>2024-09-11 15:13:37 +0100
commitecdb144601bcea4075b618b0e78680e057e506f4 (patch)
treea02ea44f8fcef0e85f87c98609764415a6d693b2
parentba04563c97cc6ab85e037bc0528847615a227ae8 (diff)
downloaddotfiles-ecdb144601bcea4075b618b0e78680e057e506f4.tar.gz
Update keytool command
-rw-r--r--nix-conf/home/otm.nix5
1 files changed, 4 insertions, 1 deletions
diff --git a/nix-conf/home/otm.nix b/nix-conf/home/otm.nix
index 7d7c667..56e1f68 100644
--- a/nix-conf/home/otm.nix
+++ b/nix-conf/home/otm.nix
@@ -103,9 +103,12 @@ let
     # and https://github.com/NixOS/nixpkgs/blob/4877ea239f4d02410c3516101faf35a81af0c30e/pkgs/development/compilers/openjdk/jre.nix#L32
     passthru.home = "${zscaler-jdk}"; # make sure JAVA_HOME is set
     installPhase =
+      # This is probably equivalent to
+      # $out/bin/keytool -import -noprompt -trustcacerts -alias zscalerrootca -keystore $out/lib/security/cacerts <<< "${zscaler-cert}"
+      # but follow the zscaler instructions just in case
       old.installPhase
       + ''
-        $out/bin/keytool -import -noprompt -trustcacerts -alias zscalerrootca -keystore $out/lib/security/cacerts <<< "${zscaler-cert}"
+        ${pkgs.openssl}/bin/openssl x509 -inform pem -outform der <<< "${zscaler-cert}" | $out/bin/keytool -import -noprompt -trustcacerts -alias zscalerrootca -keystore $out/lib/security/cacerts
       '';
   });