Shell import certificate to JDK

Example

#!/bin/bash

# get parameter value
while getopts ":h:" opt; do
    case "$opt" in
    h) java_home=$OPTARG
    esac
done

ss_lbr_host=100.96.59.43:443
echo $ss_lbr_host

# configure SSL certificate
keystore_path="$java_home/jre/lib/security"
jsse_keystore="$keystore_path/jssecacerts"
keystore="$keystore_path/cacerts"
pemFile="$keystore_path/publicKey"
certAlias="ss_lbr_cer"

# delete old jssecacerts keystore if exists.
if [ -f $jsse_keystore ]
  then
    rm -f $jsse_keystore
fi
  
# download certificate.
connection="$ss_lbr_host"
echo "openssl connect to download certificate..."
echo | openssl s_client -connect $connection 2>&1 |sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > "$pemFile"
if [[ ! -s $pemFile ]]; then echo "Failed to download SS LBR certificate from $connection"; fi
 
# delete exists same certificate
set +e
bash -e <<TRY
$java_home/bin/keytool -delete -keystore $keystore -storepass changeit -alias $certAlias
TRY
if [ $? -ne 0 ]; then
  echo 'delete exists SS LBR certificate'
fi
    
# import certificate into jdk cacerts keystore.
$java_home/bin/keytool -importcert -file $pemFile -keystore $keystore -storepass changeit -alias $certAlias <<-EOF
    yes
EOF