diff options
| author | OpenShift Bot <eparis+openshiftbot@redhat.com> | 2017-03-21 16:12:35 -0500 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2017-03-21 16:12:35 -0500 |
| commit | be09be62cf9c3ac7ef1142f494437026d72bd3e7 (patch) | |
| tree | c839a4301e88eee61e412830ede3afb10a4bf284 /roles/openshift_metrics/files | |
| parent | 2ac2c5c4fcc260d5e59c524d54879f9717ac9fa6 (diff) | |
| parent | 6d7ca91fc4ddd7b40c8b7e9983a9a4b475f72214 (diff) | |
| download | openshift-be09be62cf9c3ac7ef1142f494437026d72bd3e7.tar.gz openshift-be09be62cf9c3ac7ef1142f494437026d72bd3e7.tar.bz2 openshift-be09be62cf9c3ac7ef1142f494437026d72bd3e7.tar.xz openshift-be09be62cf9c3ac7ef1142f494437026d72bd3e7.zip | |
Merge pull request #3667 from jpkrohling/JPK-SwitchCassandraToUseGeneratedCerts
Merged by openshift-bot
Diffstat (limited to 'roles/openshift_metrics/files')
| -rwxr-xr-x | roles/openshift_metrics/files/import_jks_certs.sh | 55 |
1 files changed, 1 insertions, 54 deletions
diff --git a/roles/openshift_metrics/files/import_jks_certs.sh b/roles/openshift_metrics/files/import_jks_certs.sh index c8d5bb3d2..b2537f448 100755 --- a/roles/openshift_metrics/files/import_jks_certs.sh +++ b/roles/openshift_metrics/files/import_jks_certs.sh @@ -21,11 +21,7 @@ set -ex function import_certs() { dir=$CERT_DIR hawkular_metrics_keystore_password=$(echo $METRICS_KEYSTORE_PASSWD | base64 -d) - hawkular_cassandra_keystore_password=$(echo $CASSANDRA_KEYSTORE_PASSWD | base64 -d) hawkular_metrics_truststore_password=$(echo $METRICS_TRUSTSTORE_PASSWD | base64 -d) - hawkular_cassandra_truststore_password=$(echo $CASSANDRA_TRUSTSTORE_PASSWD | base64 -d) - - cassandra_alias=`keytool -noprompt -list -keystore $dir/hawkular-cassandra.truststore -storepass ${hawkular_cassandra_truststore_password} | sed -n '7~2s/,.*$//p'` hawkular_alias=`keytool -noprompt -list -keystore $dir/hawkular-metrics.truststore -storepass ${hawkular_metrics_truststore_password} | sed -n '7~2s/,.*$//p'` if [ ! -f $dir/hawkular-metrics.keystore ]; then @@ -39,56 +35,7 @@ function import_certs() { -deststorepass $hawkular_metrics_keystore_password fi - if [ ! -f $dir/hawkular-cassandra.keystore ]; then - echo "Creating the Hawkular Cassandra keystore from the PEM file" - keytool -importkeystore -v \ - -srckeystore $dir/hawkular-cassandra.pkcs12 \ - -destkeystore $dir/hawkular-cassandra.keystore \ - -srcstoretype PKCS12 \ - -deststoretype JKS \ - -srcstorepass $hawkular_cassandra_keystore_password \ - -deststorepass $hawkular_cassandra_keystore_password - fi - - if [[ ! ${cassandra_alias[*]} =~ hawkular-metrics ]]; then - echo "Importing the Hawkular Certificate into the Cassandra Truststore" - keytool -noprompt -import -v -trustcacerts -alias hawkular-metrics \ - -file $dir/hawkular-metrics.crt \ - -keystore $dir/hawkular-cassandra.truststore \ - -trustcacerts \ - -storepass $hawkular_cassandra_truststore_password - fi - - if [[ ! ${hawkular_alias[*]} =~ hawkular-cassandra ]]; then - echo "Importing the Cassandra Certificate into the Hawkular Truststore" - keytool -noprompt -import -v -trustcacerts -alias hawkular-cassandra \ - -file $dir/hawkular-cassandra.crt \ - -keystore $dir/hawkular-metrics.truststore \ - -trustcacerts \ - -storepass $hawkular_metrics_truststore_password - fi - - if [[ ! ${cassandra_alias[*]} =~ hawkular-cassandra ]]; then - echo "Importing the Hawkular Cassandra Certificate into the Cassandra Truststore" - keytool -noprompt -import -v -trustcacerts -alias hawkular-cassandra \ - -file $dir/hawkular-cassandra.crt \ - -keystore $dir/hawkular-cassandra.truststore \ - -trustcacerts \ - -storepass $hawkular_cassandra_truststore_password - fi - - cert_alias_names=(ca metricca cassandraca) - - for cert_alias in ${cert_alias_names[*]}; do - if [[ ! ${cassandra_alias[*]} =~ "$cert_alias" ]]; then - echo "Importing the CA Certificate with alias $cert_alias into the Cassandra Truststore" - keytool -noprompt -import -v -trustcacerts -alias $cert_alias \ - -file ${dir}/ca.crt \ - -keystore $dir/hawkular-cassandra.truststore \ - -trustcacerts \ - -storepass $hawkular_cassandra_truststore_password - fi - done + cert_alias_names=(ca metricca) for cert_alias in ${cert_alias_names[*]}; do if [[ ! ${hawkular_alias[*]} =~ "$cert_alias" ]]; then |