Add Java Default Certificat Authorities into the keystore if using a custom cert SSL Related to CLOUDSTACK-1475 Fix some english message
Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/d8767ec1 Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/d8767ec1 Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/d8767ec1 Branch: refs/heads/master Commit: d8767ec13e84b7b95c1c94c0669fc82cf48dfd08 Parents: 34111df Author: Milamber <[email protected]> Authored: Fri May 20 09:20:12 2016 +0100 Committer: Milamber <[email protected]> Committed: Wed May 25 06:34:15 2016 +0100 ---------------------------------------------------------------------- systemvm/scripts/config_ssl.sh | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cloudstack/blob/d8767ec1/systemvm/scripts/config_ssl.sh ---------------------------------------------------------------------- diff --git a/systemvm/scripts/config_ssl.sh b/systemvm/scripts/config_ssl.sh index 9dfb927..8635887 100755 --- a/systemvm/scripts/config_ssl.sh +++ b/systemvm/scripts/config_ssl.sh @@ -16,9 +16,6 @@ # specific language governing permissions and limitations # under the License. - - - help() { printf " -c use customized key/cert\n" printf " -k path of private key\n" @@ -123,6 +120,8 @@ customCACert= publicIp= hostName= keyStore=$(dirname $0)/certs/realhostip.keystore +defaultJavaKeyStoreFile=/etc/ssl/certs/java/cacerts +defaultJavaKeyStorePass="changeit" aliasName="CPVMCertificate" storepass="vmops.com" while getopts 'i:h:k:p:t:u:c' OPTION @@ -167,13 +166,13 @@ then fi if [ ! -f "$customPrivKey" ] then - printf "priviate key file is not exist\n" + printf "private key file does not exist\n" exit 2 fi if [ ! -f "$customPrivCert" ] then - printf "public certificate is not exist\n" + printf "public certificate does not exist\n" exit 3 fi @@ -181,7 +180,7 @@ then then if [ ! -f "$customCertChain" ] then - printf "certificate chain is not exist\n" + printf "certificate chain does not exist\n" exit 4 fi fi @@ -204,6 +203,7 @@ if [ -f "$customCACert" ] then keytool -delete -alias $aliasName -keystore $keyStore -storepass $storepass -noprompt keytool -import -alias $aliasName -keystore $keyStore -storepass $storepass -noprompt -file $customCACert + keytool -importkeystore -srckeystore $defaultJavaKeyStoreFile -destkeystore $keyStore -srcstorepass $defaultJavaKeyStorePass -deststorepass $storepass -noprompt fi if [ -d /etc/apache2 ]
