-
Notifications
You must be signed in to change notification settings - Fork 0
/
sync_truststores.sh
22 lines (14 loc) · 1.19 KB
/
sync_truststores.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
#/bin/bash
# This script ensures that the controller and the compute instance are able to communicate with each other.
SECURITY_COMPUTE=compute/security
SECURITY_CONTROLLER=backend/security
# 1) Export certificate from remote keystore to a file called adaguc-compute-001.pem:
keytool -export -alias tomcat -rfc -file adaguc-compute-001.pem -keystore ${SECURITY_COMPUTE}/keystore.jks -storepass password
# 2) Put this certificate from adaguc-compute-001.pem into controllers truststore
keytool -delete -alias adaguc-compute-001 -keystore ${SECURITY_CONTROLLER}/truststore.ts -storepass changeit -noprompt
keytool -import -v -trustcacerts -alias adaguc-compute-001 -file adaguc-compute-001.pem -keystore ${SECURITY_CONTROLLER}/truststore.ts -storepass changeit -noprompt
rm adaguc-compute-001.pem
# 3) Export CA of this instance into truststore of remote instance
keytool -delete -alias controller-instance-001 -keystore ${SECURITY_COMPUTE}/truststore.ts -storepass changeit -noprompt
keytool -import -v -trustcacerts -alias controller-instance-001 -file ${SECURITY_CONTROLLER}/adaguc-services-ca.cert -keystore ${SECURITY_COMPUTE}/truststore.ts -storepass changeit -noprompt
#Restart both dockers