1 #!/bin/bash 2 # java version >= 1.6 is required for this script. 3 # This script was tested to work with bouncycastle 1.32. 4 5 set -x 6 set -e 7 8 CERTSTORE=cacerts.bks 9 10 # put required 1.6 VM at head of PATH 11 JDK6PATH=/usr/lib/jvm/java-6-sun/bin 12 if [ ! -e $JDK6PATH/java ] ; then 13 set +x 14 echo 15 echo "WARNING: could not find $JDK6PATH/java but continuing anyway." 16 echo " you might consider making sure the expected JDK is installed" 17 echo " or updating its location in this script." 18 echo 19 set -x 20 fi 21 export PATH=$JDK6PATH:$PATH 22 23 # Check java version. 24 JAVA_VERSION=`java -version 2>&1 | head -1` 25 JAVA_VERSION_MINOR=`expr match "$JAVA_VERSION" "java version \"[1-9]\.\([0-9]\).*\""` 26 if [ $JAVA_VERSION_MINOR -lt 6 ]; then 27 set +x 28 echo 29 echo "ERROR: java version 1.6 or greater required for keytool usage" 30 echo 31 exit 1 32 fi 33 34 PROVIDER_CLASS=org.bouncycastle.jce.provider.BouncyCastleProvider 35 PROVIDER_PATH=/usr/share/java/bcprov.jar 36 37 if [ ! -e $PROVIDER_PATH ] ; then 38 set +x 39 echo 40 echo "ERROR: could not find provider path $PROVIDER_PATH. Try installing with:" 41 echo " sudo apt-get install libbcprov-java" 42 echo 43 exit 1 44 fi 45 46 if [ -a $CERTSTORE ]; then 47 rm $CERTSTORE || exit 1 48 fi 49 50 if [ -z "$STOREPASS" ]; then 51 STOREPASS=changeit 52 fi 53 54 COUNTER=0 55 for cert in `ls -1 cacerts` 56 do 57 yes | keytool \ 58 -import \ 59 -v \ 60 -trustcacerts \ 61 -alias $COUNTER \ 62 -file <(openssl x509 -in cacerts/$cert) \ 63 -keystore $CERTSTORE \ 64 -storetype BKS \ 65 -provider $PROVIDER_CLASS \ 66 -providerpath $PROVIDER_PATH \ 67 -storepass $STOREPASS 68 let "COUNTER=$COUNTER + 1" 69 done 70
