3 set -eu -o pipefail -o xtrace
6 CN_PREFIX=dcaegen2-hvves
7 DNAME_PREFIX="C=PL,ST=DL,L=Wroclaw,O=Nokia,OU=MANO,CN=${CN_PREFIX}"
9 store_opts="-storetype PKCS12 -storepass ${STORE_PASS} -noprompt"
14 local keystore="-keystore ${key_name}.p12 ${store_opts}"
15 keytool -genkey -alias ${key_name} \
20 -dname "${DNAME_PREFIX}-${key_name}"
21 keytool -import -trustcacerts -alias ${ca} -file ${ca}.crt ${keystore}
23 keytool -certreq -alias ${key_name} -keyalg RSA ${keystore} | \
24 keytool -alias ${ca} -gencert -ext "san=dns:${CN_PREFIX}-${ca}" ${store_opts} -keystore ${ca}.p12 | \
25 keytool -alias ${key_name} -importcert ${keystore}
31 keytool -genkeypair ${store_opts} -alias ${ca} -dname "${DNAME_PREFIX}-${ca}" -keystore ${ca}.p12
32 keytool -export -alias ${ca} -file ${ca}.crt ${store_opts} -keystore ${ca}.p12
35 function gen_truststore() {
38 keytool -import -trustcacerts -alias ca -file ${trusted_ca}.crt ${store_opts} -keystore ${name}.p12
45 if [[ $# -eq 0 ]]; then
48 gen_truststore trust ca
49 gen_truststore untrustedtrust untrustedca
52 gen_key untrustedclient untrustedca
53 elif [[ $1 == "clean" ]]; then
56 echo "usage: $0 [clean]"