generate_keystore_trustore.sh

#!/bin/sh

KEYSTORE_PATH=${ARTIFACT_DIR}/client.keystore.p12
TRUSTORE_PATH=${ARTIFACT_DIR}/client.truststore.jks
PRIVKEY_RSA_PATH=${ARTIFACT_DIR}/service_key.pem
PRIVKEY_PATH=${ARTIFACT_DIR}/service.key
PUBKEY_RSA_PATH=${ARTIFACT_DIR}/service_cert.pem
PUBKEY_PATH=${ARTIFACT_DIR}/service.cert
CAKEY_PATH=${ARTIFACT_DIR}/ca.pem

mkdir -p ${ARTIFACT_DIR}

# Creating certificate files
echo "Creating certificate files"
echo "$PRIVKEY" | base64 -d > ${PRIVKEY_PATH}
echo "$PUBKEY" | base64 -d > ${PUBKEY_PATH}
echo "$CAKEY" | base64 -d > ${CAKEY_PATH}

# Extracts the content of an RSA private key
echo "Extracts the content of an RSA private key"
openssl rsa \
    -in ${PRIVKEY_PATH} \
    -text > ${PRIVKEY_RSA_PATH}

# Extract the content of an RSA public key
echo "Extract the content of an RSA public key"
openssl x509 \
    -inform PEM \
    -in ${PUBKEY_PATH} \
    > ${PUBKEY_RSA_PATH}

# Generate keystore
echo "Generate keystore"
openssl pkcs12 -export \
    -inkey ${PRIVKEY_RSA_PATH} \
    -in ${PUBKEY_PATH} \
    -out ${KEYSTORE_PATH} \
    -name service_key \
    -password pass:$KEYSTORE_PWD

# Generate truststore
echo "Generate truststore"
keytool -noprompt -import \
    -file ${CAKEY_PATH} \
    -alias CA \
    -keystore ${TRUSTORE_PATH} \
    -storepass ${TRUSTSTORE_PWD}

ls -lha ${ARTIFACT_DIR}