Created
October 8, 2010 11:46
-
-
Save fbehrens/616664 to your computer and use it in GitHub Desktop.
generate_certificate.rb
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
require 'rubygems' | |
require 'highline/import' | |
puts "usage ruby generate_keystore.rb host password" | |
def read_certificate | |
answer = [ ask("and paste generated Certificate here >>\n") ] | |
until (answer << ask("") ).last.include? "END CERTIFICATE" | |
end | |
answer.join("\n") | |
end | |
def delete_tempfiles | |
(Dir.glob("../tmp/*") << "t.txt").each {|f| | |
begin | |
File.unlink(f) | |
rescue | |
end | |
} | |
end | |
host_name = ARGV[0].dup || ask("Enter hostname: ") | |
host_name << ".de.bayer.cnb" unless host_name.include?(".") | |
password = ARGV[1] || ask("Enter your keystore and host password: ") { |q| q.echo = "*" } | |
keystore_path = "../keystore/#{host_name}.keystore" | |
private_key_alias = "#{host_name}_alias" | |
temp_file = "t.txt" | |
request_file = "../tmp/request.csr" | |
certificate_file = "../tmp/site.cer" | |
siteca_file = "../config/siteca.cer" | |
keytool = %("#{ENV["JAVA_HOME"]}\\bin\\keytool") | |
# remove excisting keystore | |
File.unlink(keystore_path) if FileTest.exists? keystore_path | |
File.open(temp_file,"w") do |f| f.write(<<-EOF) | |
#{password} | |
#{host_name} | |
BBS-ITO-BDC-GSE-OFM | |
Bayer Business Services GmbH | |
Leverkusen | |
Nordreihn Westffalen | |
DE | |
ja | |
EOF | |
end | |
puts ">>>> generate Keystore " | |
system "TYPE #{temp_file} | #{keytool} -genkey -alias #{private_key_alias} -keyalg RSA -keystore #{keystore_path}" | |
puts ">>>> import Root Certificate" | |
system "echo ja | #{keytool} -import -trustcacerts -alias mcs_siteca -file #{siteca_file} -keystore #{keystore_path} -storePass #{password}" | |
puts ">>>> create Certificate Signing Request" | |
system "#{keytool} -certreq -alias #{private_key_alias} -file #{request_file} -keystore #{keystore_path} -storePass #{password}" | |
puts ">>>> list Keystore" | |
system "#{keytool} -list -keystore #{keystore_path} -storePass #{password}" | |
puts ">>>> print csr-Request" | |
File.open(request_file,"r") {|f| puts f.readlines } | |
puts "please paste into Registration Authority (CA Requests) (BY-APPA2/Central/LEV/DE/BAYER admin/ra/rarequests.nsf)" | |
# write received server certificate | |
File.open(certificate_file,"w") { |f| f.write(read_certificate) } | |
# import into keystore | |
system "echo ja | #{keytool} -import -alias #{private_key_alias} -file #{certificate_file} -keystore #{keystore_path} -storePass #{password}" | |
# list Keystore | |
system "#{keytool} -list -keystore #{keystore_path} -storePass #{password}" | |
delete_tempfiles |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment