1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
|
#!/bin/bash
set -e
# GIVEN a PKCS12 Java keystore
ETCCERTSDIR=/etc/ssl/certs
CACERTS=$ETCCERTSDIR/java/cacerts
rm $CACERTS
keytool -importcert -noprompt -alias Amazon -file /etc/ssl/certs/Amazon_Root_CA_1.pem -trustcacerts -storepass changeit -storetype PKCS12 -keystore test.store 2> /dev/null
apt-get remove -y ca-certificates-java
mkdir -p /etc/ssl/certs/java/
mkdir -p /var/lib/ca-certificates-java/
mv test.store $CACERTS
# WHEN ca-certificates-java is requested to convert the keystore
touch /var/lib/ca-certificates-java/convert_pkcs12_keystore_to_jks
# THEN conversion is successful
output=`mktemp`
apt-get install -y default-jre-headless | tee ${output}
if [[ $(grep -L "Entry for alias amazon successfully imported." ${output}) ]];
then
echo "Certificates were not imported !!!"
exit 255
fi
|
