Skip to content

Instantly share code, notes, and snippets.

What would you like to do?
import RDS certificates to java keystore on alpine / osx (OpenJDK11)
#!/usr/bin/env sh
#i tried it and working like charm just have to note make the file .sh chmod +x and you may need sudo to run with permission but be carefull with sudo
#be sure the $JAVA_HOME is configure correctly or make it static as commentedline 7 below
mkdir /tmp/rds-ca && cd /tmp/rds-ca
echo "Downloading RDS certificates..."
curl > rds-combined-ca-bundle.pem
csplit -sk rds-combined-ca-bundle.pem "/-BEGIN CERTIFICATE-/" "{$(grep -c 'BEGIN CERTIFICATE' rds-combined-ca-bundle.pem | awk '{print $1 - 2}')}"
for CERT in xx*; do
# extract a human-readable alias from the cert
ALIAS=$(openssl x509 -noout -text -in $CERT |
perl -ne 'next unless /Subject:/; s/.*CN=//; print')
echo "importing $ALIAS"
# import the cert into the default java keystore
keytool -import \
-cacerts \
-storepass changeit -noprompt \
-alias "$ALIAS" -file $CERT
cd "$OLDDIR"
rm -rf /tmp/rds-ca
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment