diff options
| author |   Gary Wu <gary.i.wu@huawei.com> | 2018-09-27 10:38:50 -0700 |
|---|---|---|
| committer | Gary Wu <gary.i.wu@huawei.com> | 2018-09-27 10:39:43 -0700 |
| commit | 9abb61ca2cea1907cab2cec312d6dca6e53a93cd (patch) | |
| tree | c8ff0718b6626832efd3ff3acc48590dbd6cb64c /plans/dcaegen2-collectors-hv-ves/testsuites/ssl/gen-certs.sh | |
| parent | a328a3e2e531240ea4a9ed2ce4a284af1be5e225 (diff) | |
Move CSIT to integration/csit repo
To facilite branching of CSIT tests, all CSIT test
code and scripts are relocated to the integration/csit
repo.
Change-Id: I1e4c0eff44691f73f8098b3c52764107f6b8b8df
Issue-ID: INT-671
Signed-off-by: Gary Wu <gary.i.wu@huawei.com>
Diffstat (limited to 'plans/dcaegen2-collectors-hv-ves/testsuites/ssl/gen-certs.sh')
| -rwxr-xr-x | plans/dcaegen2-collectors-hv-ves/testsuites/ssl/gen-certs.sh | 59 |
1 files changed, 59 insertions, 0 deletions
diff --git a/plans/dcaegen2-collectors-hv-ves/testsuites/ssl/gen-certs.sh b/plans/dcaegen2-collectors-hv-ves/testsuites/ssl/gen-certs.sh new file mode 100755 index 00000000..34572f7a --- /dev/null +++ b/plans/dcaegen2-collectors-hv-ves/testsuites/ssl/gen-certs.sh @@ -0,0 +1,59 @@ +#!/usr/bin/env bash + +set -eu -o pipefail -o xtrace + +STORE_PASS=onaponap +CN_PREFIX=dcaegen2-hvves +DNAME_PREFIX="C=PL,ST=DL,L=Wroclaw,O=Nokia,OU=MANO,CN=${CN_PREFIX}" + +store_opts="-storetype PKCS12 -storepass ${STORE_PASS} -noprompt" + +function gen_key() { + local key_name="$1" + local ca="$2" + local keystore="-keystore ${key_name}.p12 ${store_opts}" + keytool -genkey -alias ${key_name} \ + ${keystore} \ + -keyalg RSA \ + -validity 730 \ + -keysize 2048 \ + -dname "${DNAME_PREFIX}-${key_name}" + keytool -import -trustcacerts -alias ${ca} -file ${ca}.crt ${keystore} + + keytool -certreq -alias ${key_name} -keyalg RSA ${keystore} | \ + keytool -alias ${ca} -gencert -ext "san=dns:${CN_PREFIX}-${ca}" ${store_opts} -keystore ${ca}.p12 | \ + keytool -alias ${key_name} -importcert ${keystore} +} + + +function gen_ca() { + local ca="$1" + keytool -genkeypair ${store_opts} -alias ${ca} -dname "${DNAME_PREFIX}-${ca}" -keystore ${ca}.p12 + keytool -export -alias ${ca} -file ${ca}.crt ${store_opts} -keystore ${ca}.p12 +} + +function gen_truststore() { + local name="$1" + local trusted_ca="$2" + keytool -import -trustcacerts -alias ca -file ${trusted_ca}.crt ${store_opts} -keystore ${name}.p12 +} + +function clean() { + rm -f *.crt *.p12 +} + +if [[ $# -eq 0 ]]; then + gen_ca ca + gen_ca untrustedca + gen_truststore trust ca + gen_truststore untrustedtrust untrustedca + gen_key client ca + gen_key server ca + gen_key untrustedclient untrustedca +elif [[ $1 == "clean" ]]; then + clean +else + echo "usage: $0 [clean]" + exit 1 +fi + |