Skip to content

Commit

Permalink
Merge pull request #75 from upmc-enterprises/fixAutogenCerts
Browse files Browse the repository at this point in the history 
Resolved issue where truststore.jks
  • Loading branch information
@stevesloka
stevesloka authored Jul 21, 2017
2 parents 7b462a8 + fdc9882 commit b4516f6
Show file tree
Hide file tree
Showing 4 changed files with 9 additions and 16 deletions.
2 changes: 1 addition & 1 deletion Makefile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@

.PHONY: all build container push clean test

TAG ?= 0.0.5
TAG ?= 0.0.6
PREFIX ?= upmcenterprises

all: container
Expand Down
2 changes: 1 addition & 1 deletion cmd/operator/main.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -39,7 +39,7 @@ import (
)

var (
appVersion = "0.0.1"
appVersion = "0.0.6"

printVersion bool
baseImage string
Expand Down
2 changes: 1 addition & 1 deletion example/controller.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -49,7 +49,7 @@ spec:
spec:
containers:
- name: operator
image: upmcenterprises/elasticsearch-operator:0.0.5
image: upmcenterprises/elasticsearch-operator:0.0.6
imagePullPolicy: Always
env:
- name: NAMESPACE
Expand Down
19 changes: 6 additions & 13 deletions pkg/k8sutil/certs.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -165,7 +165,7 @@ func (k *K8sutil) GenerateCerts(configDir, certsDir, namespace, clusterName stri

// Generate CA Cert
logrus.Info("Creating ca cert...")
cmdCA1 := exec.Command("cfssl", "genkey", "-initca", fmt.Sprintf("%s/ca-csr.json", configDir))
cmdCA1 := exec.Command("cfssl", "gencert", "-initca", fmt.Sprintf("%s/ca-csr.json", configDir))
cmdCA2 := exec.Command("cfssljson", "-bare", fmt.Sprintf("%s/ca", certsDir))
_, err := pipeCommands(cmdCA1, cmdCA2)
if err != nil {
Expand All @@ -174,30 +174,23 @@ func (k *K8sutil) GenerateCerts(configDir, certsDir, namespace, clusterName stri

// Generate Node Cert
logrus.Info("Creating node cert...")
cmdNode1 := exec.Command("cfssl", "gencert", "-ca", fmt.Sprintf("%s/ca.pem", certsDir), "-ca-key", fmt.Sprintf("%s/ca-key.pem", certsDir), "-config", fmt.Sprintf("%s/ca-config.json", configDir), fmt.Sprintf("%s/req-csr.json", configDir))
cmdNode1 := exec.Command("cfssl", "gencert", "-ca", fmt.Sprintf("%s/ca.pem", certsDir), "-ca-key", fmt.Sprintf("%s/ca-key.pem", certsDir), "-config", fmt.Sprintf("%s/ca-config.json", configDir), "-profile=server", fmt.Sprintf("%s/req-csr.json", configDir))
cmdNode2 := exec.Command("cfssljson", "-bare", fmt.Sprintf("%s/node", certsDir))
_, err = pipeCommands(cmdNode1, cmdNode2)
if err != nil {
logrus.Error(err)
}

logrus.Info("Converting ca to pkcs12...")
cmdConvertCA := exec.Command("openssl", "pkcs12", "-export", "-inkey", fmt.Sprintf("%s/ca-key.pem", certsDir), "-in", fmt.Sprintf("%s/ca.pem", certsDir), "-out", fmt.Sprintf("%s/ca.pkcs12", certsDir), "-password", "pass:changeit")
out, err := cmdConvertCA.Output()
if err != nil {
logrus.Error(string(out))
}

logrus.Info("Converting node to pkcs12...")
cmdConvertNode := exec.Command("openssl", "pkcs12", "-export", "-inkey", fmt.Sprintf("%s/node-key.pem", certsDir), "-in", fmt.Sprintf("%s/node.pem", certsDir), "-out", fmt.Sprintf("%s/node.pkcs12", certsDir), "-password", "pass:changeit")
out, err = cmdConvertNode.Output()
cmdConvertNode := exec.Command("openssl", "pkcs12", "-export", "-inkey", fmt.Sprintf("%s/node-key.pem", certsDir), "-in", fmt.Sprintf("%s/node.pem", certsDir), "-out", fmt.Sprintf("%s/node.pkcs12", certsDir), "-password", "pass:changeit", "-certfile", fmt.Sprintf("%s/ca.pem", certsDir))
out, err := cmdConvertNode.Output()
if err != nil {
logrus.Error(string(out))
}

logrus.Info("Converting ca cert to jks...")
cmdCAJKS := exec.Command("keytool", "-importkeystore", "-srckeystore", fmt.Sprintf("%s/ca.pkcs12", certsDir), "-srcalias", "1", "-destkeystore", fmt.Sprintf("%s/truststore.jks", certsDir),
"-storepass", "changeit", "-srcstoretype", "pkcs12", "-srcstorepass", "changeit", "-destalias", "elasticsearch-ca")
cmdCAJKS := exec.Command("keytool", "-import", "-file", fmt.Sprintf("%s/ca.pem", certsDir), "-alias", "root-ca", "-keystore", fmt.Sprintf("%s/truststore.jks", certsDir),
"-storepass", "changeit", "-srcstoretype", "pkcs12", "-noprompt")
out, err = cmdCAJKS.Output()
if err != nil {
logrus.Error(string(out))
Expand Down

0 comments on commit b4516f6

Please sign in to comment.