@@ -375,6 +375,99 @@ generate_env_file() {
375375 source $ENV_FILE
376376 end " Finished generating env file."
377377}
378+ generate-ca-server-client-kpi () {
379+ NAME=$1
380+ FOLDER=$2
381+ if [[ ! -f " ${FOLDER} /server_${NAME} _key.pem" ; then
382+ do_generate-ca-server-client-kpi $1 $2
383+ fi
384+ }
385+ do_generate-ca-server-client-kpi () {
386+ NAME=$1
387+ FOLDER=$2
388+ ROOT=$SELENIUM_ROOT_FOLDER
389+
390+ begin " Generate certs for $NAME "
391+
392+ if [ ! -d " $ROOT /tls-gen" ; then
393+ git clone https://github.com/michaelklishin/tls-gen $ROOT /tls-gen
394+ fi
395+
396+ print " Generating CA and Server (localhost and $NAME ) PKI under $FOLDER ..."
397+ mkdir -p $FOLDER
398+
399+ CUR_DIR=$( pwd)
400+ cd $ROOT /tls-gen/basic
401+ cp openssl.cnf openssl.cnf.bak
402+ if [ -f " $FOLDER /openssl.cnf.in" ; then
403+ cp $FOLDER /openssl.cnf.in >> openssl.cnf
404+ fi
405+ if [[ ! -z " ${DEBUG} " ; then
406+ print " Used this openssl.conf"
407+ cat openssl.cnf
408+ fi
409+ make CN=$NAME CLIENT_ALT_NAME=internaluser
410+ cp openssl.cnf.bak openssl.cnf
411+ cd $CUR_DIR
412+
413+ cp $ROOT /tls-gen/basic/result/ca_certificate.pem $FOLDER /ca_${NAME} _certificate.pem
414+ cp $ROOT /tls-gen/basic/result/server_${NAME} _certificate.pem $FOLDER
415+ cp $ROOT /tls-gen/basic/result/server_${NAME} _key.pem $FOLDER
416+ cp $ROOT /tls-gen/basic/result/server_${NAME} .p12 $FOLDER
417+ cp $ROOT /tls-gen/basic/result/client_${NAME} _certificate.pem $FOLDER
418+ cp $ROOT /tls-gen/basic/result/client_${NAME} _key.pem $FOLDER
419+ cp $ROOT /tls-gen/basic/result/client_${NAME} .p12 $FOLDER
420+ chmod ugo+r $FOLDER /* .pem
421+ end " SSL Certificates generated for $NAME under $FOLDER "
422+ }
423+ generate-truststore-if-required () {
424+ NAME=$1
425+ FOLDER=$2
426+ if [[ ! -f " ${FOLDER} /truststore.jks" ; then
427+ keytool -import \
428+ -trustcacerts \
429+ -file ${FOLDER} /ca_${NAME} _certificate.pem \
430+ -keystore ${FOLDER} /truststore.jks \
431+ -storepass foobar \
432+ -noprompt
433+ fi
434+ }
435+ generate-server-keystore-if-required () {
436+ NAME=$1
437+ FOLDER=$2
438+ if [ ! -f " ${FOLDER} /server_${NAME} .jks" ; then
439+ keytool -importkeystore \
440+ -destkeystore ${FOLDER} /server_${NAME} .jks \
441+ -srckeystore ${FOLDER} /server_${NAME} .p12 \
442+ -deststoretype pkcs12 \
443+ -srcstoretype pkcs12 \
444+ -alias 1 \
445+ -destalias server-${NAME} -tls \
446+ -deststorepass foobar \
447+ -destkeypass foobar \
448+ -srcstorepass " "
449+ -srckeypass " "
450+ -noprompt
451+ fi
452+ }
453+ generate-client-keystore-if-required () {
454+ NAME=$1
455+ FOLDER=$2
456+ if [ ! -f " ${FOLDER} /client_${NAME} .jks" ; then
457+ keytool -importkeystore \
458+ -destkeystore ${FOLDER} /client_${NAME} .jks \
459+ -srckeystore ${FOLDER} /client_${NAME} .p12 \
460+ -deststoretype pkcs12 \
461+ -srcstoretype pkcs12 \
462+ -alias 1 \
463+ -destalias client-${NAME} -tls \
464+ -deststorepass foobar \
465+ -destkeypass foobar \
466+ -srcstorepass " "
467+ -srckeypass " "
468+ -noprompt
469+ fi
470+ }
378471run () {
379472 runWith rabbitmq
380473}
0 commit comments