+
+def cleanup():
+ for file in jks_files:
+ if os.path.isfile(file):
+ logging.debug("Cleaning up the file %s", file)
+ os.remove(file)
+
+
+def jks_to_p12(file, password):
+ """Converts jks format into p12"""
+ try:
+ p12_file = file.replace('.jks', '.p12')
+ jks_cmd = 'keytool -importkeystore -srckeystore {src_file} -destkeystore {dest_file} -srcstoretype JKS -srcstorepass {src_pass} -deststoretype PKCS12 -deststorepass {dest_pass}'.format(src_file=file, dest_file=p12_file, src_pass=password, dest_pass=password)
+ logging.debug("Converting %s into p12 format", file)
+ os.system(jks_cmd)
+ file = p12_file
+ return file
+ except Exception as e:
+ logging.error("Error occurred while converting jks to p12 format : %s", e)
+
+
+def extract_content():
+ """Extracts client key, certificates, CA certificates."""
+ try:
+ certList = []
+ key = None
+ cert = None
+
+ truststore_pass = get_pass(truststore_pass_file)
+ truststore_file_p12 = jks_to_p12(truststore_file, truststore_pass)
+
+ keystore_pass = get_pass(keystore_pass_file)
+ keystore_file_p12 = jks_to_p12(keystore_file, keystore_pass)
+
+ clcrt_cmd = 'openssl pkcs12 -in {src_file} -clcerts -nokeys -passin pass:{src_pass}'.format(src_file=keystore_file_p12, src_pass=keystore_pass)
+
+ clkey_cmd = 'openssl pkcs12 -in {src_file} -nocerts -nodes -passin pass:{src_pass}'.format(src_file=keystore_file_p12, src_pass=keystore_pass)
+ trust_file = truststore_file_p12.split('/')[2] + '.trust'
+
+ trustCerts_cmd = 'openssl pkcs12 -in {src_file} -out {out_file} -cacerts -nokeys -passin pass:{src_pass} '.format(src_file=truststore_file_p12, out_file=Path + '/' + trust_file, src_pass=truststore_pass)
+
+ result_key = subprocess.check_output(clkey_cmd , shell=True)
+ if result_key:
+ key = result_key.split('-----BEGIN PRIVATE KEY-----', 1)[1].lstrip().split('-----END PRIVATE KEY-----')[0]
+ logging.debug("key ok")
+
+ os.system(trustCerts_cmd)
+ if os.path.exists(Path + '/' + trust_file):
+ certList = readTrustedCertificate(Path, trust_file)
+ logging.debug("certList ok")
+
+ result_crt = subprocess.check_output(clcrt_cmd , shell=True)
+ if result_crt:
+ cert = result_crt.split('-----BEGIN CERTIFICATE-----', 1)[1].lstrip().split('-----END CERTIFICATE-----')[0]
+ logging.debug("cert ok")
+
+ if key and cert and certList:
+ post_content(key, cert, certList, 0)
+ else:
+ logging.debug("Exiting. Key, cert or key are missing")
+ return
+
+ except Exception as e:
+ logging.error("Error occurred while processing the file: %s", e)
+
+
+def look_for_jks_files():
+ if all([os.path.isfile(f) for f in jks_files]):
+ extract_content()
+ cleanup()
+ else:
+ logging.debug("Some of the files are missing")
+ return
+
+
+def readCertProperties():
+ '''
+ This function searches for manually copied zip file
+ containing certificates. This is required as part
+ of backward compatibility.
+ If not foud, it searches for jks certificates.
+ '''
+ connected = makeHealthcheckCall(headers, timePassed)