blob: 61138afc509ee898765c5e88532be581741b7004 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
|
#!/bin/bash
set -x
set -e
### HACK
case $(hostname) in
*drps??)
FILE=/etc/my.cnf
if [ -e $FILE ]; then rm $FILE; fi
;;
esac
mkdir -p /etc/dcae
sudo chown dcae:dcae /etc/dcae
export JAVA_HOME=/opt/app/java/jdk/jdk170
export PATH=$JAVA_HOME/bin:$PATH
DIR=/opt/app/dcae-certificate
sudo mkdir -p $DIR
sudo chown attcloud:attcloud $DIR
cd $DIR
cat /tmp/certificate.pkcs12.b64code | base64 --decode > certificate.pkcs12
cp /tmp/.password .password
chmod go-rwx /tmp/.password
chmod go+r /tmp/.password
chmod o-rwx .password
PW=$(cat .password)
ALIAS=$(hostname)
rm -f keystore.jks
keytool -genkey -alias $ALIAS -keystore keystore.jks << EOF > /dev/null
$PW
$PW
yes
EOF
echo $PW | keytool -delete -keystore keystore.jks -alias $ALIAS
( echo $PW ; echo $PW ) | keytool -v -importkeystore -srckeystore certificate.pkcs12 -srcstoretype PKCS12 -destkeystore keystore.jks -deststoretype JKS
echo $PW | keytool -v -list -keystore keystore.jks | tee keystore.list
sudo chown -R dcae:dcae $DIR
##for u in $*; do
##setfacl -m u:$u:rx /opt/app/dcae-certificate
##setfacl -m u:$u:r /opt/app/dcae-certificate/*
##setfacl -m u:$u:r /opt/app/dcae-certificate/.password
##done
|
