diff options
author | Sylvain Desbureaux <sylvain.desbureaux@orange.com> | 2020-12-04 07:49:31 +0000 |
---|---|---|
committer | Gerrit Code Review <gerrit@onap.org> | 2020-12-04 07:49:31 +0000 |
commit | 291fc44259fee6fd370938bad79fa9553f6c84f0 (patch) | |
tree | 96861ae0f0bac38622e6ab72b5585e3f2f02fdf8 /kubernetes/platform/components/oom-cert-service/Makefile | |
parent | 146eff800eeb62f9d38169089e33d2cd3057d0c4 (diff) | |
parent | 741fb0b880f98e2859dc996c17394a7352ba3cfd (diff) |
Merge "[CMPv2-CERT-PROVIDER] Add helm chart for K8s external provider"
Diffstat (limited to 'kubernetes/platform/components/oom-cert-service/Makefile')
-rw-r--r-- | kubernetes/platform/components/oom-cert-service/Makefile | 36 |
1 files changed, 33 insertions, 3 deletions
diff --git a/kubernetes/platform/components/oom-cert-service/Makefile b/kubernetes/platform/components/oom-cert-service/Makefile index 736a19fbd4..ea0cb8aae4 100644 --- a/kubernetes/platform/components/oom-cert-service/Makefile +++ b/kubernetes/platform/components/oom-cert-service/Makefile @@ -19,6 +19,10 @@ all: start_docker \ server_import_root_certificate \ server_convert_certificate_to_jks \ server_convert_certificate_to_p12 \ + convert_truststore_to_p12 \ + convert_truststore_to_pem \ + server_export_certificate_to_pem \ + server_export_key_to_pem \ clear_unused_files \ stop_docker @@ -32,7 +36,7 @@ start_docker: $(eval FULL_JAVA_IMAGE := $(REPOSITORY)/$(JAVA_IMAGE)) $(eval USERNAME :=$(shell id -u)) $(eval GROUP :=$(shell id -g)) - docker run --rm --name ${DOCKER_CONTAINER} --user "$(USERNAME):$(GROUP)" --mount type=bind,source=${CURRENT_DIR}/${CERTS_DIR},target=/app -w /app --entrypoint "sh" -td $(FULL_JAVA_IMAGE) + docker run --rm --name ${DOCKER_CONTAINER} --user "$(USERNAME):$(GROUP)" --mount type=bind,source=${CURRENT_DIR}/${CERTS_DIR},target=/certs -w /certs --entrypoint "sh" -td $(FULL_JAVA_IMAGE) # Stops docker container for generating certificates. 'true' is used to return 0 status code, if container is already deleted stop_docker: @@ -46,7 +50,7 @@ clear_all: #Clear certificates clear_existing_certificates: @echo "Clear certificates" - ${DOCKER_EXEC} rm -f certServiceClient-keystore.jks certServiceServer-keystore.jks root.crt truststore.jks certServiceServer-keystore.p12 + ${DOCKER_EXEC} rm -f certServiceClient-keystore.jks certServiceServer-keystore.jks root.crt truststore.jks certServiceServer-keystore.p12 truststore.pem certServiceServer-cert.pem certServiceServer-key.pem @echo "#####done#####" #Generate root private and public keys @@ -146,8 +150,34 @@ server_convert_certificate_to_p12: -destkeystore certServiceServer-keystore.p12 -deststoretype PKCS12 -deststorepass secret @echo "#####done#####" +#Convert truststore(.jks) to PCKS12 format(.p12) +convert_truststore_to_p12: + @echo "Convert certServiceServer-keystore(.jks) to PCKS12 format(.p12)" + ${DOCKER_EXEC} keytool -importkeystore -srckeystore truststore.jks -srcstorepass secret \ + -destkeystore truststore.p12 -deststoretype PKCS12 -deststorepass secret + @echo "#####done#####" + +#Convert truststore(.p12) to PEM format(.pem) +convert_truststore_to_pem: + @echo "Convert certServiceServer-keystore(.p12) to PEM format(.pem)" + ${DOCKER_EXEC} openssl pkcs12 -nodes -in truststore.p12 -out truststore.pem -passin pass:secret + @echo "#####done#####" + +#Export certificates from certServiceServer-keystore(.p12) to PEM format(.pem) +server_export_certificate_to_pem: + @echo "Export certificates from certServiceClient-keystore(.p12) to PEM format(.pem)" + ${DOCKER_EXEC} openssl pkcs12 -in certServiceServer-keystore.p12 -passin 'pass:secret' -nodes -nokeys -out certServiceServer-cert.pem + @echo "#####done#####" + +#Export keys from certServiceServer-keystore(.p12) to PEM format(.pem) +server_export_key_to_pem: + @echo "Export keys from certServiceClient-keystore(.p12) to PEM format(.pem)" + ${DOCKER_EXEC} openssl pkcs12 -in certServiceServer-keystore.p12 -passin 'pass:secret' -nodes -nocerts -out certServiceServer-key.pem + @echo "#####done#####" + + #Clear unused certificates clear_unused_files: @echo "Clear unused certificates" - ${DOCKER_EXEC} rm -f certServiceClientByRoot.crt certServiceClient.csr root-keystore.jks certServiceServerByRoot.crt certServiceServer.csr + ${DOCKER_EXEC} rm -f certServiceClientByRoot.crt certServiceClient.csr root-keystore.jks certServiceServerByRoot.crt certServiceServer.csr truststore.p12 @echo "#####done#####" |