zeromancer1972/make_keyring.sh

## make_keyring.sh
#!/bin/bash -eu
##########################################################################
#                                                                        #
# Licensed Materials - Property of HCL                                   #
#                                                                        #
# (c)Copyright HCL Technologies Ltd. 2018. All Rights Reserved.          #
#                                                                        #
# Note to U.S.Government Users Restricted Rights :                       #
# Use, duplication or disclosure restricted by GSA ADP Schedule          #
# Contract with IBM Corp.                                                #
#                                                                        #
##########################################################################

# Sample script for creating a Domino Keyring using the KYRTOOL.

# CONSULT WITH YOUR ORGANIZATION'S SECURITY EXPERT BEFORE USING.

function kyrtool() {
	(set -x ; cd /local/notesdata; /opt/ibm/domino/bin/tools/startup kyrtool $* )
}

readonly keyring=/tmp/sample1.kyr
readonly sthfile=/tmp/sample1.sth

if [[ -f $keyring ]]
then
	echo "Keyring file already exists: $keyring"
	exit 1
fi

if [[ -f $sthfile ]]
then
	echo "Keyring sth file already exists: $sthfile"
	exit 1
fi

if [[ ! -f server.key || ! -f server.crt || ! -f ca.crt ]]
then
	echo "This tool uses files created by the make_certs.sh script."
	echo "Consider running this script first."
	exit 1
fi

# Create the empty keyring file with a simple password
kyrtool create -k $keyring -p 1234567890

# Certificates and private key must be in leaf first order in the file. The
# final certificate in the chain will be marked as a trusted root.
readonly tmpfile=$(mktemp)
cat server.key server.crt ca.crt > $tmpfile
kyrtool import all -i $tmpfile -k $keyring
rm -f $tmpfile


# Show contents from the keyring
kyrtool show keys -k $keyring
kyrtool show certs -k $keyring
kyrtool show roots -k $keyring -v
	#!/bin/bash -eu
	##########################################################################
	# #
	# Licensed Materials - Property of HCL #
	# #
	# (c)Copyright HCL Technologies Ltd. 2018. All Rights Reserved. #
	# #
	# Note to U.S.Government Users Restricted Rights : #
	# Use, duplication or disclosure restricted by GSA ADP Schedule #
	# Contract with IBM Corp. #
	# #
	##########################################################################

	# Sample script for creating a Domino Keyring using the KYRTOOL.

	# CONSULT WITH YOUR ORGANIZATION'S SECURITY EXPERT BEFORE USING.

	function kyrtool() {
	(set -x ; cd /local/notesdata; /opt/ibm/domino/bin/tools/startup kyrtool $* )
	}

	readonly keyring=/tmp/sample1.kyr
	readonly sthfile=/tmp/sample1.sth

	if [[ -f $keyring ]]
	then
	echo "Keyring file already exists: $keyring"
	exit 1
	fi

	if [[ -f $sthfile ]]
	then
	echo "Keyring sth file already exists: $sthfile"
	exit 1
	fi

	if [[ ! -f server.key \|\| ! -f server.crt \|\| ! -f ca.crt ]]
	then
	echo "This tool uses files created by the make_certs.sh script."
	echo "Consider running this script first."
	exit 1
	fi

	# Create the empty keyring file with a simple password
	kyrtool create -k $keyring -p 1234567890

	# Certificates and private key must be in leaf first order in the file. The
	# final certificate in the chain will be marked as a trusted root.
	readonly tmpfile=$(mktemp)
	cat server.key server.crt ca.crt > $tmpfile
	kyrtool import all -i $tmpfile -k $keyring
	rm -f $tmpfile


	# Show contents from the keyring
	kyrtool show keys -k $keyring
	kyrtool show certs -k $keyring
	kyrtool show roots -k $keyring -v