Changes to allow for the setup of trust relationships with ATSs.
This commit is contained in:
Juan Carlos Luciani
@@ -1,5 +1,4 @@
|
||||
com.novell.casa.authtoksvc.crypto.keystore.type=jks
|
||||
com.novell.casa.authtoksvc.crypto.keystore.password=secret
|
||||
com.novell.casa.authtoksvc.crypto.keystore.alias=signingCert
|
||||
com.novell.casa.authtoksvc.crypto.alias.password=secret
|
||||
com.novell.casa.authtoksvc.crypto.file=/etc/CASA/authtoken/keys/client/jks-store
|
||||
com.novell.casa.authtoksvc.crypto.trusted_ats_keystore.password=secret
|
||||
com.novell.casa.authtoksvc.crypto.trusted_ats_keystore.file=/etc/CASA/authtoken/keys/trusted-ats-jks-store
|
||||
|
||||
|
||||
@@ -48,24 +48,26 @@ else
|
||||
fi
|
||||
|
||||
JAVA_HOME=/usr/$LIB/jvm/jre-1.5.0
|
||||
KEYTOOL_PATH=$JAVA_HOME/bin/keytool
|
||||
KEYSTORE_PATH=/etc/CASA/authtoken/keys/trusted-ats-jks-store
|
||||
LOCAL_ATS_SIGNING_CERT_PATH=/etc/CASA/authtoken/keys/localSigningCert
|
||||
|
||||
# Do not do anything if the client keystore has already been created
|
||||
if [ -f /etc/CASA/authtoken/keys/client/jks-store ]; then
|
||||
if [ -f $KEYSTORE_PATH ]; then
|
||||
if [ $SILENT == 0 ]; then
|
||||
echo "The client keystore is already setup"
|
||||
fi
|
||||
else
|
||||
if [ -f /etc/CASA/authtoken/keys/casaatsdSigningCert ]; then
|
||||
if [ -f $LOCAL_ATS_SIGNING_CERT_PATH ]; then
|
||||
echo "Setting up the clients's keystore"
|
||||
|
||||
KEYTOOL_PATH=$JAVA_HOME/bin/keytool
|
||||
|
||||
# Import the certificate to the client's keystore
|
||||
$KEYTOOL_PATH -import -noprompt -keystore /etc/CASA/authtoken/keys/client/jks-store -alias signingCert -storepass secret -keypass secret -file /etc/CASA/authtoken/keys/casaatsdSigningCert
|
||||
$KEYTOOL_PATH -import -noprompt -keystore $KEYSTORE_PATH -alias signingCert -storepass secret -keypass secret -file $LOCAL_ATS_SIGNING_CERT_PATH
|
||||
|
||||
# List the content's of the client's keystore
|
||||
#$KEYTOOL_PATH -list -rfc -keystore client/jks-store -alias signingCert -storepass secret
|
||||
#$KEYTOOL_PATH -list -rfc -keystore $KEYSTORE_PATH -alias signingCert -storepass secret
|
||||
else
|
||||
echo "File /etc/CASA/authtoken/keys/casaatsdSigningCert not found"
|
||||
echo "File $LOCAL_ATS_SIGNING_CERT_PATH not found"
|
||||
fi
|
||||
fi
|
||||
|
||||
|
||||
@@ -42,26 +42,26 @@ if [ "$1" != "" ]; then
|
||||
fi
|
||||
fi
|
||||
|
||||
# Set JAVA_HOME
|
||||
JAVA_HOME="/opt/novell/zenworks/share/java"
|
||||
KEYTOOL_PATH=$JAVA_HOME/bin/keytool
|
||||
KEYSTORE_PATH=/etc/CASA/authtoken/keys/trusted-ats-jks-store
|
||||
LOCAL_ATS_SIGNING_CERT_PATH=/etc/CASA/authtoken/keys/localSigningCert
|
||||
|
||||
# Do not do anything if the client keystore has already been created
|
||||
if [ -f /etc/CASA/authtoken/keys/client/jks-store ]; then
|
||||
if [ -f $KEYSTORE_PATH ]; then
|
||||
if [ $SILENT == 0 ]; then
|
||||
echo "The client keystore is already setup"
|
||||
fi
|
||||
else
|
||||
if [ -f /etc/CASA/authtoken/keys/casaatsdSigningCert ]; then
|
||||
if [ -f $LOCAL_ATS_SIGNING_CERT_PATH ]; then
|
||||
echo "Setting up the clients's keystore"
|
||||
|
||||
KEYTOOL_PATH=$JAVA_HOME/bin/keytool
|
||||
|
||||
# Import the certificate to the client's keystore
|
||||
$KEYTOOL_PATH -import -noprompt -keystore /etc/CASA/authtoken/keys/client/jks-store -alias signingCert -storepass secret -keypass secret -file /etc/CASA/authtoken/keys/casaatsdSigningCert
|
||||
$KEYTOOL_PATH -import -noprompt -keystore $KEYSTORE_PATH -alias signingCert -storepass secret -keypass secret -file $LOCAL_ATS_SIGNING_CERT_PATH
|
||||
|
||||
# List the content's of the client's keystore
|
||||
#$KEYTOOL_PATH -list -rfc -keystore client/jks-store -alias signingCert -storepass secret
|
||||
#$KEYTOOL_PATH -list -rfc -keystore $KEYSTORE_PATH -alias signingCert -storepass secret
|
||||
else
|
||||
echo "File /etc/CASA/authtoken/keys/casaatsdSigningCert not found"
|
||||
echo "File $LOCAL_ATS_SIGNING_CERT_PATH not found"
|
||||
fi
|
||||
fi
|
||||
|
||||
@@ -1,5 +1,4 @@
|
||||
com.novell.casa.authtoksvc.crypto.keystore.type=jks
|
||||
com.novell.casa.authtoksvc.crypto.keystore.password=secret
|
||||
com.novell.casa.authtoksvc.crypto.keystore.alias=signingCert
|
||||
com.novell.casa.authtoksvc.crypto.alias.password=secret
|
||||
com.novell.casa.authtoksvc.crypto.file=/etc/CASA/authtoken/keys/client/jks-store
|
||||
com.novell.casa.authtoksvc.crypto.trusted_ats_keystore.password=secret
|
||||
com.novell.casa.authtoksvc.crypto.trusted_ats_keystore.file=ATS_INSTALL_DIR//etc//keys//trusted-ats-jks-store
|
||||
|
||||
|
||||
Reference in New Issue
Block a user