[英]Python and JDK SSL certificate
我想知道是否有人曾經處理過使用 python 將 SSL 證書導入 JAVA,就像我們使用 keytool 一樣。
bash 腳本可以做,但我只是想知道是否有一個模塊可以做得更優雅。
謝謝
您可以嘗試pyjks ,但我不知道它是否可以寫入 JKS 密鑰庫或只是讀取它們。
我有這個小腳本來導入證書:
#!/bin/bash
#set -xeuo pipefail
set -xe
##cert file location
cert_location=/path/to/Certificates
TIMESTAMP=$(date +%Y-%m-%d_%H-%M-%S)
##check if directory exist
if [ -d "$cert_location" ]; then
echo -e "\033[31;7m Directory $cert_location exists. \e[0m"
else
echo -e "\033[31;7m Directory $cert_location does NOT exists. \e[0m"
return 1 2>/dev/null
exit 1
fi
# define file array
cd $cert_location
files=(*)
# Use for loop iterate through an array
# $f stores current value
for f in "${files[@]}"; do
##check fi alias already in use
echo -e "\033[31;7m Directory Certificate name $f. \e[0m"
alias_name=$(keytool -list -keystore /u01/jdk/jre/lib/security/cacerts -storepass JAVA_PASSWORD | grep $f | awk -F, '{print $1}')
if [ -z "$alias_name" ]; then
echo -e "\033[31;7m $f will be installed \e[0m"
scp -r -i private_key -o 'StrictHostKeyChecking no' $cert_location/"$f" "${SSH_SOA}":./deploy/"$f"
echo -e "\033[31;7mLoading the $f file \e[0m"
keytool -import -v -trustcacerts -alias "$f_$TIMESTAMP" -file ./deploy/"$f" -keystore /u01/app/oracle/middleware/wlserver/server/lib/DemoTrust.jks -storepass KEYSTORE_PASSWORD -noprompt | true
keytool -import -v -trustcacerts -alias "$f_$TIMESTAMP" -file ./deploy/"$f" -keystore /u01/jdk/jre/lib/security/cacerts -storepass JAVA_PASSWORD -noprompt | true
keytool -import -v -trustcacerts -alias "$f_$TIMESTAMP" -file ./deploy/"$f" -keystore /u01/app/oracle/middleware/wlserver/server/lib/cacerts -storepass JAVA_PASSWORD -noprompt | true
keytool -import -v -trustcacerts -alias "$f_$TIMESTAMP" -file ./deploy/"$f" -keystore /u01/data/domains/intsoaol_domain/security/DemoIdentity.jks -storepass JAVA_PASSWORD -noprompt | true
else
echo -e "\033[31;7m $alias_name Alias already in use \e[0m"
fi
done
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.