Last active
September 27, 2023 13:22
-
-
Save fuzziebrain/202f902d8fc6d8de586da5097a501047 to your computer and use it in GitHub Desktop.
Load an Oracle Wallet with certificates contained in a bundle file.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
# PURPOSE: | |
# Load an Oracle Wallet with certificates contained in a bundle file | |
# e.g. https://pki.goog/roots.pem | |
# | |
# NOTES: | |
# * Run as oracle | |
# * Assumes ORAENV is set | |
TMPDIR=/tmp/owbutil | |
if [ -z "$BUNDLE_FILE" ]; then | |
echo -n "Bundle file: " | |
read BUNDLE_FILE | |
fi | |
if [ ! -f "${BUNDLE_FILE}" ]; | |
then | |
echo Please specify a valid file. | |
exit -1 | |
fi | |
if [ -z "$WALLET_PATH" ]; then | |
echo -n "Wallet path: " | |
read WALLET_PATH | |
fi | |
if [ -d "${WALLET_PATH}" ]; | |
then | |
echo "Wallet path exists" | |
exit -1 | |
fi | |
if [ -z "$WALLET_PWD" ]; then | |
echo -n "Enter an Oracle Wallet password: " | |
read -s WALLET_PWD | |
fi | |
if [ -z "$WALLET_PWD_CONFIRM" ]; then | |
echo -e | |
echo -n "Enter the password again: " | |
read -s WALLET_PWD_CONFIRM | |
fi | |
if [ -z "${WALLET_PWD}" ]; | |
then | |
echo Password required. | |
exit -1 | |
fi | |
if [ $WALLET_PWD != $WALLET_PWD_CONFIRM ]; | |
then | |
echo Passwords do not match. | |
exit -1 | |
fi | |
if [ ! -d ${TMPDIR} ]; | |
then | |
mkdir -p ${TMPDIR} | |
fi; | |
csplit -f ${TMPDIR}/cert- -b %02d.pem ${BUNDLE_FILE} \ | |
'/-----END CERTIFICATE-----/1' '{*}' | |
orapki wallet create -wallet ${WALLET_PATH} -pwd ${WALLET_PWD} | |
for file in `ls ${TMPDIR}/*.pem` | |
do | |
if grep -Pzoq -e "-----BEGIN CERTIFICATE-----(.|\\s)*-----END CERTIFICATE-----" $file | |
then | |
orapki wallet add -wallet ${WALLET_PATH} -trusted_cert \ | |
-pwd ${WALLET_PWD} -cert $file | |
else | |
echo Skipping file $file | |
fi | |
done | |
rm -rf ${TMPDIR} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Ah, now I have it. Thanks again Rich.