Merge "[DMAAP] DMaaP ServiceMesh compatibility"

[oom.git] / kubernetes / common / cert-wrapper / resources / import-custom-certs.sh

diff --git a/kubernetes/common/cert-wrapper/resources/import-custom-certs.sh b/kubernetes/common/cert-wrapper/resources/import-custom-certs.sh
index eb07a74..96b0c0c 100755 (executable)
--- a/kubernetes/common/cert-wrapper/resources/import-custom-certs.sh
+++ b/kubernetes/common/cert-wrapper/resources/import-custom-certs.sh
@@ -22,6 +22,7 @@ WORK_DIR=${WORK_DIR:-/updatedTruststore}
 ONAP_TRUSTSTORE=${ONAP_TRUSTSTORE:-truststoreONAPall.jks}
 JRE_TRUSTSTORE=${JRE_TRUSTSTORE:-$JAVA_HOME/lib/security/cacerts}
 TRUSTSTORE_OUTPUT_FILENAME=${TRUSTSTORE_OUTPUT_FILENAME:-truststore.jks}
+SSL_WORKDIR=${SSL_WORKDIR:-/usr/local/share/ca-certificates}
 
 mkdir -p $WORK_DIR
 
@@ -40,7 +41,7 @@ for f in $CERTS_DIR/*; do
   if echo $f | grep '\.sh$' >/dev/null; then
     continue
   fi
-  if echo $f | grep '\.b64$' >/dev/null; then
+  if echo $f | grep '\.b64$' >/dev/null
     then
       base64 -d $f > $WORK_DIR/`basename $f .b64`
     else
@@ -75,3 +76,15 @@ for f in $WORK_DIR/*; do
     fi
   fi
 done
+
+# Import certificates to Linux SSL Truststore
+cp $CERTS_DIR/*.crt $SSL_WORKDIR/.
+cp $MORE_CERTS_DIR/*.crt $SSL_WORKDIR/.
+update-ca-certificates
+if [ $? != 0 ]
+  then
+    echo "failed importing certificates"
+    exit 1
+  else
+    cp /etc/ssl/certs/ca-certificates.crt $WORK_DIR/.
+fi