Brian O'Connor | 740e98c | 2017-06-29 17:07:17 -0700 | [diff] [blame^] | 1 | #!/bin/bash |
| 2 | # ------------------------------------------------------------------------ |
| 3 | # This script generates a self-signed certificate and private key pair |
| 4 | # and stores them in a Java keystore. This keystore can be used as the |
| 5 | # keystore and trust store for client and server ends of TLS connections |
| 6 | # for all nodes in the cluster. |
| 7 | # ------------------------------------------------------------------------ |
| 8 | |
| 9 | [ ! -d "$ONOS_ROOT" ] && echo "ONOS_ROOT is not defined" >&2 && exit 1 |
| 10 | . $ONOS_ROOT/tools/build/envDefaults |
| 11 | |
| 12 | [ "$1" = "-f" ] && shift && generate_new_key=true |
| 13 | |
| 14 | [ "$generate_new_key" = true ] && rm -f $ONOS_CLUSTER_KEY_FILE |
| 15 | |
| 16 | keytool -genkey -keystore $ONOS_CLUSTER_KEY_FILE \ |
| 17 | -storepass $ONOS_CLUSTER_KEY_PASSWORD \ |
| 18 | -keyalg RSA \ |
| 19 | -alias onos \ |
| 20 | -validity 3600 \ |
| 21 | -keysize 2048 \ |
| 22 | -dname CN=onos \ |
| 23 | -keypass $ONOS_CLUSTER_KEY_PASSWORD |