Last active
May 14, 2020 21:06
-
-
Save mathiasmag/a1c0f6deb304487885467bb72da934eb to your computer and use it in GitHub Desktop.
Oracle Wallet
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Used to set up scripts to build/add root certificates to an Oracle Wallet |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/sh | |
HOST=$1 | |
WALLET=$2 | |
PWD=$3 | |
BUNDLE=$(openssl version -d|cut -d \" -f2)/cert.pem | |
# Grab all certs from a site -> Send STDERR to /dev/null | |
# Send STDERR to a file | |
# Keep just the first line from the file | |
# Reverse the string as "cut" cannot return the last field | |
# Cut the first field (the Common Name for the certificate) | |
# Reverse the string back to it's origin | |
CERT=$(echo QUIT|openssl s_client -connect ${HOST}:443 -showcerts >/dev/null 2> /tmp/mycert;head -1 /tmp/mycert|rev|cut -f1 -d=|rev|xargs) | |
# Grab the certificate from the certificate bundle, onle the part from BEGIN to END | |
sed -n "/${CERT}/,/^-----END CERTIFICATE-----$/p" ${BUNDLE} | sed -n "/^-----BEGIN CERTIFICATE-----/,/^-----END CERTIFICATE-----$/p" > /tmp/cert.txt | |
# Add the extracted root certificate to the Oracle Wallet | |
orapki wallet add -wallet ${WALLET} -trusted_cert -pwd $PWD -cert /tmp/cert.txt | |
# Remove work files | |
rm /tmp/mycert /tmp/cert.txt |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/sh | |
PWD=$(openssl rand -base64 8) | |
WALLET=wallet_$$ | |
orapki wallet create -wallet ${WALLET} -pwd ${PWD} -auto_login > /dev/null | |
./add_cert.sh oracle.com ${WALLET} ${PWD} > /dev/null | |
./add_cert.sh example.com ${WALLET} ${PWD} > /dev/null | |
echo "Your new wallet is ${WALLET} and it has password ${PWD}." | |
echo 'It now contains the following.' | |
orapki wallet display -wallet ${WALLET} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment