author | Endi S. Dewata <edewata@redhat.com> | 2017-07-20 07:33:24 +0200 |
---|---|---|
committer | Endi S. Dewata <edewata@redhat.com> | 2017-07-20 07:33:24 +0200 |
commit | 226d757ee6e52c6775c48e498fd2d7d1fab9a369 (patch) | |
tree | d56a149e15a6a9541264155041d64197e9204a67 /scripts | |
parent | 4ef1422a303c035735afd84d98ee7baba325c2fa (diff) | |
Updated TKS scripts.
Diffstat (limited to 'scripts')
-rwxr-xr-x | scripts/tks-create.sh | 2 | ||||
-rwxr-xr-x | scripts/tks-merged-create.sh | 2 | ||||
-rwxr-xr-x | scripts/tks-remote-create.sh | 3 | ||||
-rwxr-xr-x | scripts/tks-secret-create.sh | 12 | ||||
-rwxr-xr-x | scripts/tks-secret-list.sh | 11 | ||||
-rwxr-xr-x | scripts/tks-secret-remove.sh | 5 | ||||
-rwxr-xr-x | scripts/tks-tps-remove.sh | 13 |
7 files changed, 46 insertions, 2 deletions
diff --git a/scripts/tks-create.sh b/scripts/tks-create.sh
index 4a6fabe..7cdef34 100755
--- a/scripts/tks-create.sh
+++ b/scripts/tks-create.sh
@@ -1,3 +1,3 @@
 #!/bin/sh -x
-pkispawn -v -f tks.cfg -s TKS -v 2>&1 | tee build/tks-create.log
+pkispawn -v -f tks.cfg -s TKS -v
diff --git a/scripts/tks-merged-create.sh b/scripts/tks-merged-create.sh
index 14d29cf..d423681 100755
--- a/scripts/tks-merged-create.sh
+++ b/scripts/tks-merged-create.sh
@@ -1,3 +1,3 @@
 #!/bin/sh -x
-pkispawn -f merged.cfg -s TKS -v 2>&1 | tee build/tks-merged-create.log
+pkispawn -f merged.cfg -s TKS -v
diff --git a/scripts/tks-remote-create.sh b/scripts/tks-remote-create.sh
new file mode 100755
index 0000000..c3c9f40
--- /dev/null
+++ b/scripts/tks-remote-create.sh
@@ -0,0 +1,3 @@
+#!/bin/sh -x
+
+pkispawn -v -f tks-remote.cfg -s TKS -v
diff --git a/scripts/tks-secret-create.sh b/scripts/tks-secret-create.sh
new file mode 100755
index 0000000..201f8bd
--- /dev/null
+++ b/scripts/tks-secret-create.sh
@@ -0,0 +1,12 @@
+#!/bin/sh
+
+dd if=/dev/urandom of=tks-secret-random.bin bs=1024 count=2
+
+INSTANCE_DIR=/var/lib/pki/pki-tomcat
+#INSTANCE_DIR=/var/lib/pki/tks-master
+grep "internal=" $INSTANCE_DIR/conf/password.conf | sed "s/internal=//" > $INSTANCE_DIR/conf/internal.txt
+
+#tkstool -T -d $INSTANCE_DIR/alias -n sharedSecret -f $INSTANCE_DIR/conf/internal.txt -z tks-secret-random.bin -o tks-secret.txt
+tkstool -T -d $INSTANCE_DIR/alias -n sharedSecret -f $INSTANCE_DIR/conf/internal.txt -z tks-secret-random.bin
+
+#tkstool -T -d /var/lib/pki/pki-tomcat/alias/ -n sharedSecret
diff --git a/scripts/tks-secret-list.sh b/scripts/tks-secret-list.sh
new file mode 100755
index 0000000..688eeb3
--- /dev/null
+++ b/scripts/tks-secret-list.sh
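Review bot: In scripts/tks-secret-create.sh the `grep "internal=" … > $INSTANCE_DIR/conf/internal.txt` line writes the NSS database password to a second plaintext file whose mode depends on the caller's umask, and nothing in the script removes it afterwards; the same line is repeated in tks-secret-list.sh and tks-secret-remove.sh. The file passed to `-z`, `tks-secret-random.bin`, is likewise created in the current directory with default permissions and left behind. I would set `umask 077`, create both files with `mktemp`, and delete them from an EXIT trap, as sketched below. Anchoring the match (`sed -n 's/^internal=//p'`) also avoids picking up any other line that happens to contain `internal=`, and quoting the `$INSTANCE_DIR` expansions costs nothing while these lines are being touched.

```sh
INSTANCE_DIR=/var/lib/pki/pki-tomcat
# … unchanged: commented-out alternative INSTANCE_DIR …

umask 077
PWFILE=$(mktemp) || exit 1
NOISE=$(mktemp) || exit 1
trap 'rm -f -- "$PWFILE" "$NOISE"' EXIT

dd if=/dev/urandom of="$NOISE" bs=1024 count=2
sed -n 's/^internal=//p' "$INSTANCE_DIR/conf/password.conf" > "$PWFILE"
tkstool -T -d "$INSTANCE_DIR/alias" -n sharedSecret -f "$PWFILE" -z "$NOISE"
# … unchanged: commented-out tkstool variants …
```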
@@ -0,0 +1,11 @@
+#!/bin/sh
+
+INSTANCE_DIR=/var/lib/pki/tks-master
+grep "internal=" $INSTANCE_DIR/conf/password.conf | sed "s/internal=//" > $INSTANCE_DIR/conf/internal.txt
+
+echo certutil -K -d $INSTANCE_DIR/alias -f $INSTANCE_DIR/conf/internal.txt
+certutil -K -d $INSTANCE_DIR/alias -f $INSTANCE_DIR/conf/internal.txt
+
+echo tkstool -L -d $INSTANCE_DIR/alias -n sharedSecret -f $INSTANCE_DIR/conf/internal.txt -h all
+tkstool -L -d $INSTANCE_DIR/alias -n sharedSecret -f $INSTANCE_DIR/conf/internal.txt -h all
+
diff --git a/scripts/tks-secret-remove.sh b/scripts/tks-secret-remove.sh
new file mode 100755
index 0000000..84d3a08
--- /dev/null
+++ b/scripts/tks-secret-remove.sh
@@ -0,0 +1,5 @@
+#!/bin/sh
+
+INSTANCE_DIR=/var/lib/pki/tks-master
+grep "internal=" $INSTANCE_DIR/conf/password.conf | sed "s/internal=//" > $INSTANCE_DIR/conf/internal.txt
+tkstool -D -d $INSTANCE_DIR/alias -n sharedSecret -f $INSTANCE_DIR/conf/internal.txt
diff --git a/scripts/tks-tps-remove.sh b/scripts/tks-tps-remove.sh
new file mode 100755
index 0000000..7f0d271
--- /dev/null
+++ b/scripts/tks-tps-remove.sh
@@ -0,0 +1,13 @@
+#!/bin/sh
+
+TPSHOST=`cat tps.host`
+
+ldapmodify -x -D "cn=Directory Manager" -w Secret123 -c << EOF
+dn: cn=Token Key Service Manager Agents,ou=groups,dc=tks,dc=pki,dc=example,dc=com
+changetype: modify
+delete: uniqueMember
+uniqueMember: uid=TPS-$TPSHOST-8443,ou=people,dc=tks,dc=pki,dc=example,dc=com
+
+dn: uid=TPS-$TPSHOST-8443,ou=people,dc=tks,dc=pki,dc=example,dc=com
+changetype: delete
+EOF
|
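Review bot: tks-secret-list.sh sets `INSTANCE_DIR=/var/lib/pki/tks-master`, and tks-secret-remove.sh does the same, while tks-secret-create.sh in this commit uses `/var/lib/pki/pki-tomcat` with the tks-master line commented out. As written, the list and remove scripts open a different NSS database from the one the create script writes to, so a secret created by one may not be found by the others. Which instance is intended is not visible here; making the path overridable in all three, e.g. `INSTANCE_DIR=${INSTANCE_DIR:-/var/lib/pki/tks-master}`, would keep them in step. The two `echo` lines only repeat the commands that follow, which `set -x` would do without the duplication.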
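Review bot: The `ldapmodify` line in tks-tps-remove.sh binds as `cn=Directory Manager` with the password given literally as `-w Secret123`, so the credential is stored in the repository and is visible in the process list while the command runs. Reading it from a protected file, e.g. `ldapmodify -x -D "cn=Directory Manager" -y "$DM_PASSWORD_FILE" -c << EOF` (the variable name is a placeholder), or prompting with `-W`, removes it from both places. The `-x` simple bind is used with no TLS option, so the password may also cross the connection unencrypted, though the server URI is not visible here. `TPSHOST` is read from `tps.host` without checking that the file exists or is non-empty, and `-c` continues after errors, so a missing file produces DNs of the form `uid=TPS--8443,…`; `TPSHOST=$(cat tps.host) || exit 1` followed by a `[ -n "$TPSHOST" ] || exit 1` guard would stop that early.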