Startsida Utforska Hjälp
Registrera dig Logga in
shixiong
/
okd
1
0
Fork 0
Filer Ärenden 0 Pull-förfrågningar 0 Wiki
Träd: 1c402c309f
Grenar Taggar
okd
/
roles
/
openshift_metrics
/
files
/
import_jks_certs.sh

import_jks_certs.sh 2.0 KB
Historik

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152 
  1. #!/bin/bash
    2. 

  2. #
    3. 

  3. # Copyright 2014-2015 Red Hat, Inc. and/or its affiliates
    4. 

  4. # and other contributors as indicated by the @author tags.
    5. 

  5. #
    6. 

  6. # Licensed under the Apache License, Version 2.0 (the "License");
    7. 

  7. # you may not use this file except in compliance with the License.
    8. 

  8. # You may obtain a copy of the License at
    9. 

  9. #
    10. 

  10. #    http://www.apache.org/licenses/LICENSE-2.0
    11. 

  11. #
    12. 

  12. # Unless required by applicable law or agreed to in writing, software
    13. 

  13. # distributed under the License is distributed on an "AS IS" BASIS,
    14. 

  14. # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    15. 

  15. # See the License for the specific language governing permissions and
    16. 

  16. # limitations under the License.
    17. 

  17. #
    18. 

  18. 

  19. set -ex
    20. 

  20. 

  21. function import_certs() {
    22. 

  22.   dir=$CERT_DIR
    23. 

  23.   hawkular_metrics_keystore_password=$(echo $METRICS_KEYSTORE_PASSWD | base64 -d)
    24. 

  24.   hawkular_metrics_truststore_password=$(echo $METRICS_TRUSTSTORE_PASSWD | base64 -d)
    25. 

  25.   hawkular_alias=`keytool -noprompt -list -keystore $dir/hawkular-metrics.truststore -storepass ${hawkular_metrics_truststore_password} | sed -n '7~2s/,.*$//p'`
    26. 

  26. 

  27.   if [ ! -f $dir/hawkular-metrics.keystore ]; then
    28. 

  28.     echo "Creating the Hawkular Metrics keystore from the PEM file"
    29. 

  29.     keytool -importkeystore -v \
    30. 

  30.       -srckeystore $dir/hawkular-metrics.pkcs12 \
    31. 

  31.       -destkeystore $dir/hawkular-metrics.keystore \
    32. 

  32.       -srcstoretype PKCS12 \
    33. 

  33.       -deststoretype JKS \
    34. 

  34.       -srcstorepass $hawkular_metrics_keystore_password \
    35. 

  35.       -deststorepass $hawkular_metrics_keystore_password
    36. 

  36.   fi
    37. 

  37. 

  38.   cert_alias_names=(ca metricca)
    39. 

  39. 

  40.   for cert_alias in ${cert_alias_names[*]}; do
    41. 

  41.     if [[ ! ${hawkular_alias[*]} =~ "$cert_alias" ]]; then
    42. 

  42.       echo "Importing the CA Certificate with alias $cert_alias into the Hawkular Metrics Truststore"
    43. 

  43.       keytool -noprompt -import -v -trustcacerts -alias $cert_alias \
    44. 

  44.         -file ${dir}/ca.crt \
    45. 

  45.         -keystore $dir/hawkular-metrics.truststore \
    46. 

  46.         -trustcacerts \
    47. 

  47.         -storepass $hawkular_metrics_truststore_password
    48. 

  48.     fi
    49. 

  49.   done
    50. 

  50. }
    51. 

  51. 

  52. import_certs
    53.