Skip to content

fcshark-org/scart

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

21 Commits
LICENSE
LICENSE
 
 
README.md
README.md
 
 
scart
scart
 
 

Repository files navigation

scart

Suspicious CA revoke tool (scart) Use to revoke built-in Suspicious CA, avoiding possible MiTM by CN GOV

Depends

  • bash
  • jq
  • openssl-util

How to use

bash ./scart
# OR
curl -L https://raw.githubusercontent.com/fcshark-org/scart/refs/heads/main/scart | bash

How to restore to default

Debian/Ubuntu/Mint/Alpine/Gentoo

CERTSCONF=/etc/ca-certificates.conf
sudo sed -i 's|^\!||' "$CERTSCONF"
sudo update-ca-certificates

Arch/Manjaro/EndeavourOS/SteamOS

SRCCONF_HIGHT=/etc/ca-certificates/trust-source
BLOCKSUBDIR=blocklist
sudo rm -f "$SRCCONF_HIGHT/$BLOCKSUBDIR"/*
sudo update-ca-trust

RedHat/Fedora

RH_SRCCONF_HIGHT=/etc/pki/ca-trust/source
RH_BLOCKSUBDIR=blocklist
sudo rm -f "$RH_SRCCONF_HIGHT/$RH_BLOCKSUBDIR"/*
sudo update-ca-trust

OpenWRT

opkg update
opkg install --force-reinstall ca-bundle ca-certificates
# OR
apk update
apk fix ca-bundle ca-certificates

Search Country CA

#!/usr/bin/env bash
# Depends: bash openssl-util

ETCCERTSDIR=/etc/ssl/certs
SUFFIX=0
Country=US

# func <Country code> <file>
isCountryCA() {
	local _ISSUER="$(openssl x509 -issuer -nameopt=lname -noout -in "$2")"

	grep -q "countryName=$1" <<< "$_ISSUER"
}

# Main
cd "$ETCCERTSDIR"
find * -name '*.'"$SUFFIX" | while read -r _cert; do
	isCountryCA "$Country" "$_cert" && readlink "$_cert"
done

About

Suspicious CA revoke tool

Resources

Readme

License

Apache-2.0 license
Activity
Custom properties

Stars

4 stars

Watchers

0 watching

Forks

1 fork
Report repository

Releases

4 tags

Packages

No packages published

Languages