2006-11-16 10:20:06 +01:00
|
|
|
#!/bin/sh
|
|
|
|
########################################################################
|
|
|
|
#
|
|
|
|
# Copyright (C) 2006 Novell, Inc. All Rights Reserved.
|
|
|
|
#
|
|
|
|
# This library is free software; you can redistribute it and/or
|
|
|
|
# modify it under the terms of the GNU Lesser General Public
|
|
|
|
# License as published by the Free Software Foundation; version 2.1
|
|
|
|
# of the License.
|
|
|
|
#
|
|
|
|
# This library is distributed in the hope that it will be useful,
|
|
|
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
|
|
|
# Library Lesser General Public License for more details.
|
|
|
|
#
|
|
|
|
# You should have received a copy of the GNU Lesser General Public
|
|
|
|
# License along with this library; if not, Novell, Inc.
|
|
|
|
#
|
|
|
|
# To contact Novell about this file by physical or electronic mail,
|
|
|
|
# you may find current contact information at www.novell.com.
|
|
|
|
#
|
|
|
|
# Author: Juan Carlos Luciani <jluciani@novell.com>
|
|
|
|
#
|
|
|
|
########################################################################
|
|
|
|
|
|
|
|
#############################################################
|
|
|
|
# #
|
|
|
|
# CASA Authentication Token Keystore Setup Script for #
|
|
|
|
# auththentication token validating clients. #
|
|
|
|
# #
|
|
|
|
# This script sets up the certificate associated with the #
|
|
|
|
# keys used by the ATS to sign authentication tokens in the #
|
|
|
|
# keystore utilized by token validating clients. #
|
|
|
|
# #
|
|
|
|
#############################################################
|
|
|
|
|
2007-01-08 11:36:42 +01:00
|
|
|
SILENT=0
|
|
|
|
if [ "$1" != "" ]; then
|
|
|
|
if [ "$1" == "-s" ]; then
|
|
|
|
SILENT=1
|
|
|
|
fi
|
|
|
|
fi
|
|
|
|
|
2006-11-29 07:23:48 +01:00
|
|
|
if [ -d /usr/lib64 ]; then
|
2007-01-08 11:36:42 +01:00
|
|
|
LIB=lib64
|
2006-11-29 07:23:48 +01:00
|
|
|
else
|
2007-01-08 11:36:42 +01:00
|
|
|
LIB=lib
|
2006-11-29 07:23:48 +01:00
|
|
|
fi
|
|
|
|
|
2008-06-03 18:09:08 +02:00
|
|
|
JAVA_HOME=/usr/$LIB/jvm/jre
|
2007-06-01 17:41:46 +02:00
|
|
|
KEYTOOL_PATH=$JAVA_HOME/bin/keytool
|
|
|
|
KEYSTORE_PATH=/etc/CASA/authtoken/keys/trusted-ats-jks-store
|
|
|
|
LOCAL_ATS_SIGNING_CERT_PATH=/etc/CASA/authtoken/keys/localSigningCert
|
2006-11-16 10:20:06 +01:00
|
|
|
|
|
|
|
# Do not do anything if the client keystore has already been created
|
2007-06-01 17:41:46 +02:00
|
|
|
if [ -f $KEYSTORE_PATH ]; then
|
2007-01-08 11:36:42 +01:00
|
|
|
if [ $SILENT == 0 ]; then
|
|
|
|
echo "The client keystore is already setup"
|
|
|
|
fi
|
2006-11-16 10:20:06 +01:00
|
|
|
else
|
2007-06-01 17:41:46 +02:00
|
|
|
if [ -f $LOCAL_ATS_SIGNING_CERT_PATH ]; then
|
2006-11-17 13:13:20 +01:00
|
|
|
echo "Setting up the clients's keystore"
|
2006-11-16 10:20:06 +01:00
|
|
|
|
2006-11-17 13:13:20 +01:00
|
|
|
# Import the certificate to the client's keystore
|
2007-06-01 17:41:46 +02:00
|
|
|
$KEYTOOL_PATH -import -noprompt -keystore $KEYSTORE_PATH -alias signingCert -storepass secret -keypass secret -file $LOCAL_ATS_SIGNING_CERT_PATH
|
2006-11-16 10:20:06 +01:00
|
|
|
|
2006-11-17 13:13:20 +01:00
|
|
|
# List the content's of the client's keystore
|
2007-06-01 17:41:46 +02:00
|
|
|
#$KEYTOOL_PATH -list -rfc -keystore $KEYSTORE_PATH -alias signingCert -storepass secret
|
2006-11-17 13:13:20 +01:00
|
|
|
else
|
2007-06-01 17:41:46 +02:00
|
|
|
echo "File $LOCAL_ATS_SIGNING_CERT_PATH not found"
|
2006-11-17 13:13:20 +01:00
|
|
|
fi
|
2006-11-16 10:20:06 +01:00
|
|
|
fi
|
2007-06-01 17:41:46 +02:00
|
|
|
|