02-download-truststore.sh
#!/bin/sh
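printf '%s\n' "downloading truststore"

# -------------------------------------------------------------------
# update these to match your Event Endpoint Management instance
# -------------------------------------------------------------------
NAMESPACE=eventendpointmanagement
INSTANCE=eem

# printf is used for the coloured headings: under #!/bin/sh, whether echo
# interprets "\n" and "\033" depends on which shell provides /bin/sh, so
# the escapes could otherwise be printed literally.
printf '\n\033[1;33m %s\033[0m\n' "getting SSL/TLS details for Event Gateway in..."
printf '%s\n' "namespace : $NAMESPACE"
printf '%s\n' "instance : $INSTANCE"

# -------------------------------------------------------------------
# verify dependencies are all available
# -------------------------------------------------------------------
printf '\n\033[1;33m %s\033[0m\n' "checking for script dependencies..."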
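# Confirm that a required command can be resolved by the shell.
# Arguments: $1 - name of the command to look for
# Outputs:   "verified <name>" on stdout, or an error message on stderr
# Returns:   0 when the command is found; otherwise exits the script
#            with status 1
check_dependency () {
  # command -v is the POSIX way to ask whether a command can be resolved;
  # the argument is quoted so an odd name cannot be word-split or globbed.
  if command -v "$1" >/dev/null 2>&1; then
    printf '%s\n' "verified $1"
  else
    printf '%s\n' "$1 could not be found" >&2
    # A bare "exit" reuses the status of the previous command (the message
    # just printed, i.e. 0), which would report success to the caller.
    exit 1
  fi
}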
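check_dependency "keytool"
check_dependency "oc"
check_dependency "openssl"

# -------------------------------------------------------------------
# cleanup from previous runs
# -------------------------------------------------------------------
# -f: on a first run there is nothing to delete, which is not an error.
rm -f eventgateway.p12 bootstrap.crt

# -------------------------------------------------------------------
# get Event Gateway connection address
# -------------------------------------------------------------------
printf '\n\033[1;33m %s\033[0m\n' "querying openshift for gateway connection address..."
GATEWAY_ADDRESS=$(oc get route "${INSTANCE}-egw-event-gw-client" -n "$NAMESPACE" -o jsonpath="{.spec.host}")
# Stop here if the lookup failed (not logged in, wrong namespace or
# instance name); otherwise openssl would be asked to connect to ":443".
if [ -z "$GATEWAY_ADDRESS" ]; then
  printf '%s\n' "no route found for instance $INSTANCE in namespace $NAMESPACE" >&2
  exit 1
fi
printf '%s\n' "gateway address: $GATEWAY_ADDRESS"

# -------------------------------------------------------------------
# setting up truststore
# -------------------------------------------------------------------
printf '\n\033[1;33m %s\033[0m\n' "putting the certificate presented by the Gateway into a truststore..."
# The certificate is taken from the live connection and trusted as-is
# (trust on first use): nothing in this script verifies it against a known
# CA, so whatever answers at that address during this run is what clients
# will trust afterwards.
# "openssl x509" reads only the first certificate in the s_client output,
# normally the server's own certificate rather than an issuing CA, despite
# the "bootstrapca" alias used below.
# stdin comes from /dev/null so s_client exits after the handshake.
openssl s_client -connect "${GATEWAY_ADDRESS}:443" -servername "$GATEWAY_ADDRESS" -showcerts </dev/null \
  | openssl x509 > bootstrap.crt
# Without pipefail a failed connection is only visible as an empty file.
if [ ! -s bootstrap.crt ]; then
  printf '%s\n' "no certificate could be retrieved from ${GATEWAY_ADDRESS}:443" >&2
  rm -f bootstrap.crt
  exit 1
fi
# Print what is about to be trusted so it can be compared with a
# fingerprint obtained from the cluster administrator out of band.
openssl x509 -in bootstrap.crt -noout -subject -fingerprint -sha256

# -storetype PKCS12 makes the file match the ssl.truststore.type printed
# below even on JDKs whose default keystore type is not PKCS12.
# The store password is a fixed placeholder that is also printed below; the
# store holds only a public certificate, so it protects no secret.
if ! keytool -import -noprompt \
    -alias bootstrapca \
    -file bootstrap.crt \
    -storetype PKCS12 \
    -keystore eventgateway.p12 -storepass password; then
  printf '%s\n' "keytool could not create eventgateway.p12" >&2
  rm -f bootstrap.crt
  exit 1
fi
rm -f bootstrap.crt

# -------------------------------------------------------------------
# outputting results
# -------------------------------------------------------------------
printf '\n\033[1;33m %s\033[0m\n' "connection properties:"
printf '\033[1m %s\033[0m\n' "ssl.truststore.location=eventgateway.p12"
printf '\033[1m %s\033[0m\n' "ssl.truststore.type=PKCS12"
printf '\033[1m %s\033[0m\n' "ssl.truststore.password=password"
# These are Kafka client property names; an empty
# ssl.endpoint.identification.algorithm turns off server hostname
# verification in the client, so the pinned certificate in the truststore
# is the only check left on the server's identity.
printf '\033[1m %s\033[0m\n' "ssl.endpoint.identification.algorithm="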