Skip to content

Instantly share code, notes, and snippets.

@zeromancer1972
Created February 8, 2019 08:57
Show Gist options
  • Save zeromancer1972/74ddbdc655bf15616cdc1928d522730b to your computer and use it in GitHub Desktop.
Save zeromancer1972/74ddbdc655bf15616cdc1928d522730b to your computer and use it in GitHub Desktop.
Proton Keyring Script
#!/bin/bash -eu
##########################################################################
# #
# Licensed Materials - Property of HCL #
# #
# (c)Copyright HCL Technologies Ltd. 2018. All Rights Reserved. #
# #
# Note to U.S.Government Users Restricted Rights : #
# Use, duplication or disclosure restricted by GSA ADP Schedule #
# Contract with IBM Corp. #
# #
##########################################################################
# Sample script for creating a Domino Keyring using the KYRTOOL.
# CONSULT WITH YOUR ORGANIZATION'S SECURITY EXPERT BEFORE USING.
function kyrtool() {
(set -x ; cd /local/notesdata; /opt/ibm/domino/bin/tools/startup kyrtool $* )
}
readonly keyring=/tmp/sample1.kyr
readonly sthfile=/tmp/sample1.sth
if [[ -f $keyring ]]
then
echo "Keyring file already exists: $keyring"
exit 1
fi
if [[ -f $sthfile ]]
then
echo "Keyring sth file already exists: $sthfile"
exit 1
fi
if [[ ! -f server.key || ! -f server.crt || ! -f ca.crt ]]
then
echo "This tool uses files created by the make_certs.sh script."
echo "Consider running this script first."
exit 1
fi
# Create the empty keyring file with a simple password
kyrtool create -k $keyring -p 1234567890
# Certificates and private key must be in leaf first order in the file. The
# final certificate in the chain will be marked as a trusted root.
readonly tmpfile=$(mktemp)
cat server.key server.crt ca.crt > $tmpfile
kyrtool import all -i $tmpfile -k $keyring
rm -f $tmpfile
# Show contents from the keyring
kyrtool show keys -k $keyring
kyrtool show certs -k $keyring
kyrtool show roots -k $keyring -v
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment