+#!/bin/bash
+#
+# This script is a placeholder for a local certificate authority (CA)
+# to be a recognized certificate authority.
+#
+# This script must be run as root.
+#
+# Works on both CentOS and Ubuntu.
+#
+set -x
+cat >/tmp/aafcacert.crt <<'!EOF'
+-----BEGIN CERTIFICATE-----
+****************************************************************
+****************************************************************
+****************************************************************
+****************************************************************
+****************************************************************
+****************************************************************
+****************************************************************
+****************************************************************
+******* PUT REAL CERTIFICATE HERE ****************************
+****************************************************************
+****************************************************************
+****************************************************************
+****************************************************************
+****************************************************************
+****************************************************************
+****************************************************************
+****************************************************************
+****************************************************************
+****************************************************************
+-----END CERTIFICATE-----
+!EOF
+chmod 444 /tmp/aafcacert.crt
+if [ -f /etc/redhat-release ]
+then
+ mv /tmp/aafcacert.crt /etc/pki/ca-trust/source/anchors/aafcacert.pem
+ update-ca-trust
+else
+ mv /tmp/aafcacert.crt /usr/local/share/ca-certificates/aafcacert.crt
+ update-ca-certificates
+fi