chore: remove all old CA in all browsers

stacksjs · Jun 3, 2024 · 1d93d76 · 1d93d76
1 parent ff62c0e
commit 1d93d76
Showing 1 changed file with 43 additions and 8 deletions.
diff --git a/src/keys.ts b/src/keys.ts
@@ -4,6 +4,7 @@ import os from 'node:os'
 import path from 'node:path'
 import type { Readable, Writable } from 'node:stream'
 import { exec, log, runCommand, runCommands } from '@stacksjs/cli'
+import { glob } from '@stacksjs/storage'
 import forge, { pki, tls } from 'node-forge'
 import { resolveConfig } from './config'
 import type { GenerateCertOptions } from './types'
@@ -287,7 +288,6 @@ export async function addCertToSystemTrustStoreAndSaveCerts(
   CAcert: string,
   options?: AddCertOptions,
 ) {
-  // console.log((await runCommand(`certutil -d sql:${os.homedir()}/.pki/nssdb -L -n ${DEFAULT_O}`)).isOk())
   const certPath = storeCert(cert, options)
   const CAcertPath = storeCACert(CAcert, options)
 
@@ -306,21 +306,56 @@ export async function addCertToSystemTrustStoreAndSaveCerts(
     // Linux (This might vary based on the distro)
     // for Ubuntu/Debian based systems
 
-    // delete existing cert from system trust store
-    console.warn = async () => {
-      // ignore error if no cert exists
-      await runCommand(`certutil -d sql:${os.homedir()}/.pki/nssdb -D -n ${DEFAULT_O}`)
-      await runCommand(
-        `certutil -d sql:${os.homedir()}/snap/firefox/common/.mozilla/firefox/3l148raz.default -D -n ${DEFAULT_O}`,
-      )
+    // return all directories that contain cert9.db file using fs.readdirSync
+
+    function findFoldersWithFile(rootDir: string, fileName: string): string[] {
+      const result: string[] = []
+
+      function search(dir: string) {
+        try {
+          const files = fs.readdirSync(dir)
+
+          for (const file of files) {
+            const filePath = path.join(dir, file)
+            const stats = fs.lstatSync(filePath) // Use fs.lstatSync instead
+
+            if (stats.isDirectory()) {
+              search(filePath)
+            } else if (file === fileName) {
+              result.push(dir)
+            }
+          }
+        } catch (error) {
+          // Handle any errors (e.g., broken links, permission issues)
+        }
+      }
+
+      search(rootDir)
+      return result
     }
+    //
+    const rootDirectory = `${os.homedir()}`
+    const targetFileName = 'cert9.db'
+    const foldersWithFile = findFoldersWithFile(rootDirectory, targetFileName)
+
+    foldersWithFile.map(async (folder) => {
+      // delete existing cert from system trust store
+      console.warn = async () => {
+        // ignore error if no cert exists
+        await runCommand(`certutil -d sql:${folder} -D -n ${DEFAULT_O}`)
+      }
+    })
 
     await runCommands([
       `sudo cp ${certPath} /usr/local/share/ca-certificates/`,
 
       // add new cert to system trust store
       `certutil -d sql:${os.homedir()}/.pki/nssdb -A -t ${args} -n ${DEFAULT_O} -i ${CAcertPath}`,
 
+      // add new cert to system trust store for Brave
+      `certutil -d sql:${os.homedir()}/snap/brave/411/.pki/nssdb -A -t ${args} -n ${DEFAULT_O} -i ${CAcertPath}`,
+
+      // add new cert to system trust store for Firefox
       `certutil -d sql:${os.homedir()}/snap/firefox/common/.mozilla/firefox/3l148raz.default -A -t ${args} -n ${DEFAULT_O} -i ${CAcertPath}`,
 
       // reload system trust store