Skip to content

Commit

Permalink
Debug
Browse files Browse the repository at this point in the history
  • Loading branch information
MikkoKauhanen committed Dec 4, 2024
1 parent 4b857cd commit 8570d46
Show file tree
Hide file tree
Showing 2 changed files with 14 additions and 3 deletions.
15 changes: 12 additions & 3 deletions aoe-data-analytics/service-etl-processor/import_rds_certs.sh
Original file line number Diff line number Diff line change
Expand Up @@ -11,9 +11,9 @@ fi
mydir=/certs
truststore=${mydir}/rds-truststore.jks
storepassword="$TRUST_STORE_PASSWORD"
curl -sS "https://truststore.pki.rds.amazonaws.com/global/global-bundle.pem" > ${mydir}/global-bundle.pem

curl -sS "https://s3.amazonaws.com/rds-downloads/rds-combined-ca-bundle.pem" > ${mydir}/rds-combined-ca-bundle.pem
awk 'split_after == 1 {n++;split_after=0} /-----END CERTIFICATE-----/ {split_after=1}{print > "rds-ca-" n ".pem"}' < ${mydir}/rds-combined-ca-bundle.pem
awk 'split_after == 1 {n++;split_after=0} /-----END CERTIFICATE-----/ {split_after=1}{print > "rds-ca-" n ".pem"}' < ${mydir}/global-bundle.pem

for CERT in rds-ca-*; do
alias=$(openssl x509 -noout -text -in $CERT | perl -ne 'next unless /Subject:/; s/.*(CN=|CN = )//; print')
Expand All @@ -22,4 +22,13 @@ for CERT in rds-ca-*; do
rm $CERT
done

rm ${mydir}/rds-combined-ca-bundle.pem
rm ${mydir}/global-bundle.pem

# code below is just double-checking, listing the certificates using keytool
echo "Trust store content is: "

keytool -list -v -keystore "$truststore" -storepass ${storepassword} | grep Alias | cut -d " " -f3- | while read alias
do
expiry=`keytool -list -v -keystore "$truststore" -storepass ${storepassword} -alias "${alias}" | grep Valid | perl -ne 'if(/until: (.*?)\n/) { print "$1\n"; }'`
echo " Certificate ${alias} expires in '$expiry'"
done
Original file line number Diff line number Diff line change
Expand Up @@ -3,13 +3,15 @@
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.boot.CommandLineRunner;
import org.springframework.core.annotation.Order;
import org.springframework.stereotype.Component;

import java.io.FileInputStream;
import java.security.KeyStore;
import java.util.Enumeration;

@Component
@Order(1)
public class JksFileChecker implements CommandLineRunner {

private static final Logger LOG = LoggerFactory.getLogger(JksFileChecker.class.getSimpleName());
Expand Down

0 comments on commit 8570d46

Please sign in to comment.