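#!/bin/sh
########################################################################
#
#  Copyright (C) 2006 Novell, Inc. All Rights Reserved.
#
#  This library is free software; you can redistribute it and/or
#  modify it under the terms of the GNU Lesser General Public
#  License as published by the Free Software Foundation; version 2.1
#  of the License.
#
#  This library is distributed in the hope that it will be useful,
#  but WITHOUT ANY WARRANTY; without even the implied warranty of
#  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
#  Library Lesser General Public License for more details.
#
#  You should have received a copy of the GNU Lesser General Public
#  License along with this library; if not, Novell, Inc.
#
#  To contact Novell about this file by physical or electronic mail,
#  you may find current contact information at www.novell.com.
#
#  Author: Juan Carlos Luciani
#
########################################################################

#############################################################
#                                                           #
# CASA Authentication Token Keystore Setup Script for       #
# authentication token validating clients.                  #
#                                                           #
# This script sets up the certificate associated with the   #
# keys used by the ATS to sign authentication tokens in the #
# keystore utilized by token validating clients.            #
#                                                           #
#############################################################
#
# Usage: <this script> [-s]
#   -s   suppress the "already setup" message when the keystore exists.
#
# Exit status: that of the last command run, i.e. keytool's status when
# an import is attempted, otherwise 0.
#
# The keystore written here is the trust anchor for token validation:
# any certificate present in it is accepted as an ATS signing cert.

# "-s" is the only recognised argument. POSIX test(1) compares strings
# with "=", not "==", so this also works when /bin/sh is not bash.
SILENT=0
if [ "${1:-}" = "-s" ]; then
  SILENT=1
fi

# Pick the library directory that holds the JRE on this host.
if [ -d /usr/lib64/jvm/jre ]; then
  LIB=lib64
else
  LIB=lib
fi

# JAVA_HOME is set from the fixed system path, overriding any value
# inherited from the caller's environment.
JAVA_HOME=/usr/$LIB/jvm/jre
KEYTOOL_PATH=$JAVA_HOME/bin/keytool

KEYSTORE_PATH=/etc/CASA/authtoken/keys/trusted-ats-jks-store
LOCAL_ATS_SIGNING_CERT_PATH=/etc/CASA/authtoken/keys/localSigningCert

# Do not do anything if the client keystore has already been created
if [ -f "$KEYSTORE_PATH" ]; then
  if [ "$SILENT" = 0 ]; then
    echo "The client keystore is already setup"
  fi
elif [ -f "$LOCAL_ATS_SIGNING_CERT_PATH" ]; then
  echo "Setting up the clients's keystore"

  # Import the certificate to the client's keystore.
  #
  # -noprompt makes keytool trust the certificate without anyone
  # confirming its fingerprint, so the trust decision rests on who can
  # write $LOCAL_ATS_SIGNING_CERT_PATH and the directory that holds it.
  #
  # NOTE(review): the store/key password is the constant "secret",
  # readable in this script and passed on keytool's command line, so
  # it gives the keystore no integrity protection. What protects the
  # store is the ownership and mode of /etc/CASA/authtoken/keys and
  # of the keystore file; verify they are not group/world-writable.
  # The password is left unchanged because whatever opens the store
  # presumably uses the same value -- confirm before changing it
  # (newer keytool releases also accept -storepass:env / :file).
  "$KEYTOOL_PATH" -import -noprompt -keystore "$KEYSTORE_PATH" -alias signingCert -storepass secret -keypass secret -file "$LOCAL_ATS_SIGNING_CERT_PATH"

  # List the contents of the client's keystore
  #"$KEYTOOL_PATH" -list -rfc -keystore "$KEYSTORE_PATH" -alias signingCert -storepass secret
else
  echo "File $LOCAL_ATS_SIGNING_CERT_PATH not found"
fi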