
[build] added error checks to the certificate generation script. Chec…

…ks for correct java installation.
1 parent bf8e760 commit 2f1271c856981ad1f77bd9d47a32c5676411d4ea @smee committed Aug 27, 2010
Showing with 73 additions and 42 deletions.
  1. +23 −4 examServer/src/main/scripts/createCertificates.bat
  2. +50 −38 examServer/src/main/scripts/createCertificates.sh
27 examServer/src/main/scripts/createCertificates.bat 100755 → 100644
@@ -1,8 +1,22 @@
@echo off
-rem author sdienst@informatik.uni-leipzig.de
+rem author Steffen Dienst (sdienst@informatik.uni-leipzig.de)
+rem
+rem Gnu Public License v2, see license text at http://www.gnu.org/licenses/gpl.html
+rem
rem Create a new jks keystore with a self signed certificate as well as a PKCS12 keypair. Both
rem files can be used for implementing SSL in tomcat 5.5 including client authentication.
+if exist "%JAVA_HOME%\bin\keytool.exe" goto keytoolAvailable
+echo Please install the current Java Development Kit (JDK), version 1.6.0 or newer.
+echo The download can be found at http://www.oracle.com/technetwork/java/javase/downloads/index.html
+echo.
+echo JAVA_HOME should point to the installation directory!
+goto endScript
+
+
+:keytoolAvailable
+
+set PATH=%PATH%;%JAVA_HOME%\bin
set commonname=localhost
set /P commonname=Please enter the domainname of the elateXam server [ %commonname% ]:
if ""=="%commonname%" set commonname=localhost
@@ -19,14 +33,17 @@ set password=password
set /P password=Please enter the password for all keys:
if ""=="%password%" set password=password
-echo ""
+echo.
set serveralias=tomcat
set clientalias=clientCert
echo Generating new server certificate key...
keytool -genkeypair -alias %serveralias% -keyalg RSA -validity 365 -keystore server.keystore -dname cn="%commonname%",o="%ownername%",l="%location%" -keypass %password% -storepass %password%
-sleep 1
+
+rem wait for app. 1 second to prevent generation of two certificates with the same serial number
+ping /n 2 localhost >nul
+
echo Generating new client certificate key...
keytool -genkeypair -alias %clientalias% -keyalg RSA -validity 365 -storetype pkcs12 -keystore clientcertificate.p12 -dname cn="%commonname%",o="%ownername%",l="%location%" -storepass %password% -keypass %password%
@@ -38,8 +55,10 @@ keytool -importcert -v -alias %clientalias% -file client-public.cer -keystore se
del client-public.cer
keytool -list -keystore server.keystore -storepass %password%
-echo ""
+echo.
echo Please import clientcertificate.p12 into your browser, use server.keystore as keystore/truststore in tomcat 5.5.
echo For details on configuring tomcat please refer to http://tomcat.apache.org/tomcat-5.5-doc/ssl-howto.html
+echo.
echo Done!
+:endScript
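Review bot: The new guard checks `%JAVA_HOME%\bin\keytool.exe`, but the script then runs bare `keytool` after appending that directory to the end of the search path (`set PATH=%PATH%;%JAVA_HOME%\bin`), so a `keytool` found earlier on `PATH` or in the current directory, which cmd.exe searches first by default, is used instead of the binary that was just verified. For a script that generates private keys, call the verified binary directly, e.g. `set KEYTOOL="%JAVA_HOME%\bin\keytool.exe"` followed by `%KEYTOOL% -genkeypair ...`, or at least prepend with `set PATH=%JAVA_HOME%\bin;%PATH%`. The failure branch also leaves through `goto endScript` without setting an error level, whereas the .sh variant uses `exit 1`; ending that branch with `exit /b 1` would let a calling build step detect the missing JDK.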
88 examServer/src/main/scripts/createCertificates.sh 100755 → 100644
@@ -1,43 +1,55 @@
#!/bin/bash
# Create a new jks keystore with a self signed certificate as well as a PKCS12 keypair. Both
# files can be used for implementing SSL in tomcat 5.5 including client authentication.
-commonname="localhost"
-echo -n "Please enter the domainname of the elateXam server [" $commonname "]: "
-read commonname
-ownername="free form name of the institution"
-echo -n "Please enter the name of your organization [" $ownername "]: "
-read ownername
-location="Unknwown"
-echo -n "Please enter your location/city: [" $location "]: "
-read location
-password="password"
-echo -n "Please enter the password for all keys: "
-read -s password
-echo ""
+if [ -r "$JAVA_HOME"/bin/keytool ]; then
+ commonname="localhost"
+ echo -n "Please enter the domainname of the elateXam server [" $commonname "]: "
+ read commonname
+ ownername="free form name of the institution"
+ echo -n "Please enter the name of your organization [" $ownername "]: "
+ read ownername
+ location="Unknwown"
+ echo -n "Please enter your location/city: [" $location "]: "
+ read location
+ password="password"
+ echo -n "Please enter the password for all keys: "
+ read -s password
+ echo ""
+
+ # use default values for empty variables
+ : ${commonname:="localhost"}
+ : ${ownername:="Name of the organization"}
+ : ${password:="password"}
+ : ${location:="Unknown"}
+
+ serveralias="tomcat"
+ clientalias="clientCert"
+
+ echo "Generating new server certificate key..."
+ keytool -genkeypair -alias ${serveralias} -keyalg RSA -validity 365 -keystore server.keystore -dname cn="${commonname}",o="${ownername}",l="${location}" -keypass ${password} -storepass ${password}
+
+ rem wait for app. 1 second to prevent generation of two certificates with the same serial number
+ sleep 1
+
+ echo "Generating new client certificate key..."
+ keytool -genkeypair -alias ${clientalias} -keyalg RSA -validity 365 -storetype pkcs12 -keystore clientcertificate.p12 -dname cn="${commonname}",o="${ownername}",l="${location}" -storepass ${password} -keypass ${password}
+
+ # export certificates
+ echo "Importing public client certificate into server keystore..."
+ keytool -exportcert -alias ${clientalias} -keystore clientcertificate.p12 -storetype pkcs12 -storepass ${password} -file client-public.cer
+ keytool -importcert -v -alias ${clientalias} -file client-public.cer -keystore server.keystore -storepass ${password} -noprompt -trustcacerts
+
+ rm client-public.cer
+ keytool -list -v -keystore server.keystore -storepass ${password}
+ echo "Please import clientcertificate.p12 into your browser, use server.keystore as keystore/truststore in tomcat 5.5."
+ echo "For details on configuring tomcat please refer to http://tomcat.apache.org/tomcat-5.5-doc/ssl-howto.html"
+ echo "Done!"
-# use default values for empty variables
-: ${commonname:="localhost"}
-: ${ownername:="Name of the organization"}
-: ${password:="password"}
-: ${location:="Unknown"}
-
-serveralias="tomcat"
-clientalias="clientCert"
-
-echo "Generating new server certificate key..."
-keytool -genkeypair -alias ${serveralias} -keyalg RSA -validity 365 -keystore server.keystore -dname cn="${commonname}",o="${ownername}",l="${location}" -keypass ${password} -storepass ${password}
-sleep 1
-echo "Generating new client certificate key..."
-keytool -genkeypair -alias ${clientalias} -keyalg RSA -validity 365 -storetype pkcs12 -keystore clientcertificate.p12 -dname cn="${commonname}",o="${ownername}",l="${location}" -storepass ${password} -keypass ${password}
-
-# export certificates
-echo "Importing public client certificate into server keystore..."
-keytool -exportcert -alias ${clientalias} -keystore clientcertificate.p12 -storetype pkcs12 -storepass ${password} -file client-public.cer
-keytool -importcert -v -alias ${clientalias} -file client-public.cer -keystore server.keystore -storepass ${password} -noprompt -trustcacerts
-
-rm client-public.cer
-keytool -list -v -keystore server.keystore -storepass ${password}
-echo "Please import clientcertificate.p12 into your browser, use server.keystore as keystore/truststore in tomcat 5.5."
-echo "For details on configuring tomcat please refer to http://tomcat.apache.org/tomcat-5.5-doc/ssl-howto.html"
-echo "Done!"
+ else
+ echo "Please install the current Java Development Kit (JDK), version 1.6.0 or newer."
+ echo "The download can be found at http://www.oracle.com/technetwork/java/javase/downloads/index.html"
+ echo ""
+ echo "JAVA_HOME should point to the installation directory!"
+ exit 1
+ fi
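Review bot: The guard on the new `if [ -r "$JAVA_HOME"/bin/keytool ]` line only tests that the file is readable, yet every call below runs bare `keytool` from `PATH`, which this script (unlike the .bat) never extends, so the binary that generates the keys may not be the one that was checked, or may not be found at all. Test with `-x` and call it by path, e.g. `keytool="$JAVA_HOME/bin/keytool"` and then `"$keytool" -genkeypair ...`. The added line `rem wait for app. 1 second ...` is batch syntax; bash will try to execute `rem` and report "command not found", so it should start with `#`. The re-indented `keytool` lines still pass `${password}` unquoted, so a password containing whitespace is split into extra arguments; write `-storepass "${password}" -keypass "${password}"`. The file mode also changes from 100755 to 100644, which removes the executable bit from the script.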
