Created
November 24, 2013 08:05
-
-
Save dulichan/7624652 to your computer and use it in GitHub Desktop.
Configure the MDM using a shell script
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # Created by: Chan | |
| # Date: 2013/11/24 | |
| PRODUCT_HOME="$1" | |
| if [ -z "$PRODUCT_HOME" ]; then | |
| echo "Usage: $(basename $0) <domain>" | |
| exit 11 | |
| fi | |
| fail_if_error() { | |
| [ $1 != 0 ] && { | |
| unset PASSPHRASE | |
| exit 10 | |
| } | |
| } | |
| # Passcodes | |
| jkspassword="wso2carbon" | |
| mjkspassword="wso2mobile" | |
| capass="cacert" | |
| rapass="rapass" | |
| #A variable = sign should together with variable | |
| # If we use a $() it will take the execute command and place value to the variable | |
| # Not tested in BSD and Linux | Works like a charm in Mac | |
| ip='localhost' | |
| unamestr=`uname` | |
| if [[ "$unamestr" == 'Linux' ]]; then | |
| ip=$(ifconfig | grep 'inet addr:'| grep -v '127.0.0.1' | cut -d: -f2 | awk '{ print $1}') | |
| elif [[ "$unamestr" == 'FreeBSD' ]]; then | |
| ip=$(ifconfig | grep -E 'inet.[0-9]' | grep -v '127.0.0.1' | awk '{ print $2}') | |
| elif [[ "$unamestr" == 'Darwin' ]]; then | |
| ip=$(ifconfig | grep "inet " | grep -v 127.0.0.1 | cut -d\ -f2) | |
| fi | |
| # Certificate details; replace items in angle brackets with your own info | |
| subj=" | |
| C=SL | |
| ST=Western | |
| O=WSO2 | |
| localityName=WSO2 | |
| commonName=$ip | |
| organizationalUnitName=WSO2 Mobile | |
| [email protected]" | |
| # Generate the server private key | |
| openssl genrsa -out ia.key 4096 | |
| fail_if_error $? | |
| # Generate the CSR | |
| echo -e ".\n.\n" \ | |
| | openssl req \ | |
| -new \ | |
| -batch \ | |
| -subj "$(echo "$subj" | tr "\n" "/")" \ | |
| -key ia.key \ | |
| -out ia.csr \ | |
| -passin stdin | |
| fail_if_error $? | |
| # Generate the cert (good for 10 years) | |
| openssl x509 -req -days 3650 -in ia.csr -CA ca_cert.pem -CAkey ca_private.pem -set_serial 044324343 -out ia.crt | |
| fail_if_error $? | |
| #A stdin is used to input the password to the openssl command | |
| echo -e "wso2mobile\nwso2mobile\n" \ | |
| | openssl pkcs12 -export -out KEYSTORE.p12 -inkey ia.key -in ia.crt -CAfile ca_cert.pem -name "wso2carbon" -passin stdin -passout stdin | |
| echo -e "cacert\ncacert\n" \ | |
| | openssl pkcs12 -export -out ca.p12 -inkey ca_private.pem -in ca_cert.pem -name "cacert" -passin stdin -passout stdin | |
| echo -e "racert\nracert\n" \ | |
| | openssl pkcs12 -export -out ra.p12 -inkey ra_private.pem -in ra_cert.pem -chain -CAfile ca_cert.pem -name "racert" -passin stdin -passout stdin | |
| # Key tools is used to import the exported key to a keystore | |
| keytool -importkeystore -srckeystore KEYSTORE.p12 -srcstoretype PKCS12 -destkeystore $PRODUCT_HOME/repository/resources/security/wso2carbon.jks -noprompt -deststorepass 'wso2carbon' -srcstorepass 'wso2mobile' | |
| keytool -importkeystore -srckeystore KEYSTORE.p12 -srcstoretype PKCS12 -destkeystore $PRODUCT_HOME/repository/resources/security/client-truststore.jks -noprompt -deststorepass 'wso2carbon' -srcstorepass 'wso2mobile' | |
| keytool -importkeystore -srckeystore ca.p12 -srcstoretype PKCS12 -destkeystore $PRODUCT_HOME/repository/resources/security/wso2mobilemdm.jks -noprompt -deststorepass 'wso2mobile' -srcstorepass 'cacert' | |
| keytool -importkeystore -srckeystore ra.p12 -srcstoretype PKCS12 -destkeystore $PRODUCT_HOME/repository/resources/security/wso2mobilemdm.jks -noprompt -deststorepass 'wso2mobile' -srcstorepass 'racert' |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
What is the domain there?