summaryrefslogtreecommitdiff
path: root/cpp/demo/IceGrid/secure/makecerts.py
blob: d50f444bf6efb58d897e57479b22db09d332adf3 (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69

#!/usr/bin/env python
# **********************************************************************
#
# Copyright (c) 2003-2014 ZeroC, Inc. All rights reserved.
#
# This copy of Ice is licensed to you under the terms described in the
# ICE_LICENSE file included in this distribution.
#
# **********************************************************************

import os, sys, shutil, glob

def runIceca(args):
    os.environ['PYTHONUNBUFFERED'] = '1'
    command = 'iceca %s' % args

    # Look for iceca in the PATH, if found, execute it with the
    # current python executable.
    for path in os.environ.get("PATH", "").split(os.pathsep):
        if os.path.exists(os.path.join(path, "iceca")):
            command = '%s "%s" %s' % (sys.executable, os.path.join(path, "iceca"), args)

    if os.system(command):
        sys.exit(1)

def createCertificate(filename, cn):

    print("======= Creating " + filename + " certificate =======")

    runIceca('request --no-password --overwrite "%s" "%s"' % (filename, cn))
    runIceca('sign --in %s_req.pem --out %s_cert.pem --dns="localhost" --ip="127.0.0.1"' % (filename, filename))
    os.remove("%s_req.pem" % filename)

    print("")
    print("")

cwd = os.getcwd()
if not os.path.exists("certs") or os.path.basename(cwd) != "secure":
    print("You must run this script from the secure demo directory")
    sys.exit(1)

os.environ["ICE_CA_HOME"] = os.path.abspath("certs")

os.chdir("certs")

#
# First, create the certificate authority.
#
print("======= Creating Certificate Authority =======")
runIceca("init --overwrite --no-password")
print("")
print("")

createCertificate("master", "Master")
createCertificate("slave", "Slave")
createCertificate("node", "Node")
createCertificate("glacier2", "Glacier2")
createCertificate("server", "Server")

print("======= Creating Java Key Store =======")

try:
    os.remove("certs.jks")
except OSError:
    pass

runIceca("import --key-pass password --store-pass password --java ca_cert ca/db/ca_cert.pem ca/db/ca_key.pem certs.jks")

os.chdir("..")
generated by cgit v1.2.3 (git 2.46.0) at 2025-08-03 12:40:03 +0000