You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@qpid.apache.org by or...@apache.org on 2015/03/20 11:41:57 UTC

svn commit: r1667982 - in /qpid/trunk/qpid/java/test-profiles/test_resources/ssl: generate-java-keystores.sh generate-root-ca.sh

Author: orudyy
Date: Fri Mar 20 10:41:57 2015
New Revision: 1667982

URL: http://svn.apache.org/r1667982
Log:
NO-JIRA: Add Apache licenses to scripts generating keystores/trustores/CA and improve instruction messages issued by scripts

Modified:
    qpid/trunk/qpid/java/test-profiles/test_resources/ssl/generate-java-keystores.sh
    qpid/trunk/qpid/java/test-profiles/test_resources/ssl/generate-root-ca.sh

Modified: qpid/trunk/qpid/java/test-profiles/test_resources/ssl/generate-java-keystores.sh
URL: http://svn.apache.org/viewvc/qpid/trunk/qpid/java/test-profiles/test_resources/ssl/generate-java-keystores.sh?rev=1667982&r1=1667981&r2=1667982&view=diff
==============================================================================
--- qpid/trunk/qpid/java/test-profiles/test_resources/ssl/generate-java-keystores.sh (original)
+++ qpid/trunk/qpid/java/test-profiles/test_resources/ssl/generate-java-keystores.sh Fri Mar 20 10:41:57 2015
@@ -1,4 +1,23 @@
-#!/bin/bash
+#!/usr/bin/env bash
+#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements.  See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership.  The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License.  You may obtain a copy of the License at
+#
+#   http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied.  See the License for the
+# specific language governing permissions and limitations
+# under the License.
+#
+
 echo "Remove existing java broker keystore"
 rm java_broker_keystore.jks
 echo "Re-create java broker keystore by importing RootCA certificate"
@@ -9,7 +28,7 @@ echo "Export certificate signing request
 keytool -certreq -alias java-broker -sigalg SHA1withRSA -keystore java_broker_keystore.jks -storepass password -v -file java-broker.req
 echo "Sign certificate by entering:"
 echo "  n for 'Is this a CA certificate [y/N]?'"
-echo "  0 for 'Enter the path length constraint, enter to skip [<0 for unlimited path]: >'"
+echo "  [Enter] for 'Enter the path length constraint, enter to skip [<0 for unlimited path]: >'"
 echo "  n for 'Is this a critical extension [y/N]?'"
 echo "  password which was specified on creation root CA database."
 certutil -C -d CA_db -c "MyRootCA" -a -i java-broker.req -o java-broker.crt -2 -6 --extKeyUsage serverAuth -v 60 -Z SHA1
@@ -55,7 +74,7 @@ keytool --list --keystore java_client_ke
 read -p "Press [Enter] key to continue..."
 echo "Remove existing client truststore"
 rm java_client_truststore.jks 
-echo "Re-create existing client truststore by importing RootCA certificate"
+echo "Re-create client truststore by importing RootCA certificate"
 keytool -import -v -keystore java_client_truststore.jks -storepass password -alias RootCA -file CA_db/rootca.crt
 echo "List entries in client trusttore"
 keytool --list --keystore java_client_truststore.jks  -storepass password
@@ -63,7 +82,7 @@ keytool --list --keystore java_client_tr
 read -p "Press [Enter] key to continue..."
 echo "Remove existing broker truststore"
 rm java_broker_truststore.jks
-echo "Re-create existing broker truststore by importing RootCA certificate"
+echo "Re-create broker truststore by importing RootCA certificate"
 keytool -import -v -keystore java_broker_truststore.jks -storepass password -alias RootCA -file CA_db/rootca.crt
 echo "List entries in broker truststore"
 keytool --list --keystore java_broker_truststore.jks  -storepass password
@@ -71,7 +90,7 @@ keytool --list --keystore java_broker_tr
 read -p "Press [Enter] key to continue..."
 echo "Remove existing broker peerstore"
 rm java_broker_peerstore.jks 
-echo "Re-create existing broker peerstore by importing app1 certificate"
+echo "Re-create broker peerstore by importing app1 certificate"
 keytool -import -v -keystore java_broker_peerstore.jks -storepass password -alias app1 -file app1.crt
 echo "List entries in broker peerstore"
 keytool --list --keystore java_broker_peerstore.jks  -storepass password

Modified: qpid/trunk/qpid/java/test-profiles/test_resources/ssl/generate-root-ca.sh
URL: http://svn.apache.org/viewvc/qpid/trunk/qpid/java/test-profiles/test_resources/ssl/generate-root-ca.sh?rev=1667982&r1=1667981&r2=1667982&view=diff
==============================================================================
--- qpid/trunk/qpid/java/test-profiles/test_resources/ssl/generate-root-ca.sh (original)
+++ qpid/trunk/qpid/java/test-profiles/test_resources/ssl/generate-root-ca.sh Fri Mar 20 10:41:57 2015
@@ -1,12 +1,32 @@
+#!/usr/bin/env bash
+#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements.  See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership.  The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License.  You may obtain a copy of the License at
+#
+#   http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied.  See the License for the
+# specific language governing permissions and limitations
+# under the License.
+#
+
 echo "Create a new certificate database for root CA"
 rm CA_db/*
 certutil -N -d CA_db
                  
-echo "Create the self-signed Root CA certificate"
-echo "Enter the password you specified when creating the root CA database."
-echo "y for 'Is this a CA certificate [y/N]?'”
-echo "Press enter for 'Enter the path length constraint, enter to skip [<0 for unlimited path]: >'"
-echo "n for 'Is this a critical extension [y/N]?'”
+echo "Create the self-signed Root CA certificate by entering:"
+echo "  password which was specified on creation of root CA database."
+echo "  y for 'Is this a CA certificate [y/N]?'"
+echo "  [Enter] for 'Enter the path length constraint, enter to skip [<0 for unlimited path]: >'"
+echo "  n for 'Is this a critical extension [y/N]?'"
 certutil -S -d CA_db -n "MyRootCA" -s "CN=MyRootCA,O=ACME,ST=Ontario,C=CA" -t "CT,," -x -2 -Z SHA1 -v 60
 echo "Extract the CA certificate from the CA’s certificate database to a file."
 certutil -L -d CA_db -n "MyRootCA" -a -o CA_db/rootca.crt
@@ -19,11 +39,11 @@ echo "Import the CA certificate into the
 certutil -A -d server_db -n "MyRootCA" -t "TC,," -a -i CA_db/rootca.crt
 echo "Create the server certificate request"
 certutil -R -d server_db -s "CN=localhost.localdomain,O=ACME,ST=Ontario,C=CA" -a -o server_db/server.req -Z SHA1
-echo "Sign and issue a new server certificate"
-echo "n for 'Is this a CA certificate [y/N]?'"
-echo "-1 for 'Enter the path length constraint, enter to skip [<0 for unlimited path]: >'"
-echo "n' for 'Is this a critical extension [y/N]?'"
-echo "enter the password you specified when creating the root CA database."
+echo "Sign and issue a new server certificate by entering:"
+echo "  n for 'Is this a CA certificate [y/N]?'"
+echo "  '-1' for 'Enter the path length constraint, enter to skip [<0 for unlimited path]: >'"
+echo "  n for 'Is this a critical extension [y/N]?'"
+echo "  password which was specified on creation of root CA database."
 certutil -C -d CA_db -c "MyRootCA" -a -i server_db/server.req -o server_db/server.crt -2 -6  --extKeyUsage serverAuth -v 60 -Z SHA1
 echo "Import signed certificate to the broker’s certificate database"
 certutil -A -d server_db -n localhost.localdomain -a -i server_db/server.crt -t ",,"



---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@qpid.apache.org
For additional commands, e-mail: commits-help@qpid.apache.org