sdc-be certificate handling
[sdc.git] / catalog-be / src / main / docker / backend / chef-repo / cookbooks / sdc-catalog-be / recipes / BE_3_setup_key_and_trust_store.rb
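# Build the Jetty keystore and truststore for the SDC backend from the
# certificate material named in the node['BE'] attributes.
#
# Every password is passed to openssl/keytool through the resource
# environment (openssl `env:` source, keytool `:env` modifier) rather than
# being interpolated into the command string. Command-line arguments are
# readable by other local users through the process table and are echoed by
# Chef when a command fails; `sensitive true` additionally keeps the
# resources out of Chef's log output.
#
# NOTE(review): attribute values that are still interpolated below (key,
# certificate and store paths) reach a shell unquoted, so they must not
# contain whitespace or shell metacharacters.
# The SDC_* variable names are local to this recipe.
jetty_base = ENV['JETTY_BASE']

if node['BE'][:tls_cert]
  # Intermediate PKCS#12 bundle; it holds the server private key.
  pkcs12_bundle = '/tmp/keystore.pkcs12'
  keystore_file = "#{jetty_base}/#{node['BE'][:keystore_path]}"

  execute "generate-keystore" do
    command "openssl pkcs12 -inkey #{node['BE'][:tls_key]} -in #{node['BE'][:tls_cert]} -export -out #{pkcs12_bundle} -passin env:SDC_TLS_PASSWORD -passout env:SDC_TLS_PASSWORD"
    environment('SDC_TLS_PASSWORD' => node['BE'][:tls_password].to_s)
    # The bundle lands in a shared directory: create it owner-only.
    umask '077'
    sensitive true
  end

  execute "import-keystore" do
    command "keytool -importkeystore -srcstoretype PKCS12 -srckeystore #{pkcs12_bundle} -srcstorepass:env SDC_TLS_PASSWORD -destkeystore #{keystore_file} -deststorepass:env SDC_KEYSTORE_PASSWORD -noprompt"
    environment(
      'SDC_TLS_PASSWORD' => node['BE'][:tls_password].to_s,
      'SDC_KEYSTORE_PASSWORD' => node['BE'][:keystore_password].to_s
    )
    sensitive true
  end

  # The bundle is only an import source for the step above; remove it so the
  # private key does not stay behind in /tmp. `backup false` stops Chef from
  # keeping its own copy of the deleted file.
  # NOTE(review): confirm no later recipe reads /tmp/keystore.pkcs12.
  file pkcs12_bundle do
    backup false
    action :delete
  end
end

if node['BE'][:ca_cert]
  truststore_file = "#{jetty_base}/#{node['BE'][:truststore_path]}"
  truststore_env = { 'SDC_TRUSTSTORE_PASSWORD' => node['BE'][:truststore_password].to_s }

  execute "delete-existing-ca-alias" do
    command "keytool -delete -alias sdc-be -storepass:env SDC_TRUSTSTORE_PASSWORD -keystore #{truststore_file}"
    environment truststore_env
    # Exit status 1 is tolerated so the run continues when the delete fails,
    # presumably because the alias is not in the store yet.
    returns [0, 1]
    sensitive true
  end

  execute "generate-truststore" do
    command "keytool -import -alias sdc-be -file #{node['BE'][:ca_cert]} -storetype JKS -keystore #{truststore_file} -storepass:env SDC_TRUSTSTORE_PASSWORD -noprompt"
    environment truststore_env
    sensitive true
  end
end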