cadyyan · August 12, 2019 06:27 · Apr 1, 2016 · Mar 31, 2016 · Mar 31, 2016
diff --git a/lets-encrypt-java-fix.sh b/lets-encrypt-java-fix.sh
@@ -16,7 +16,7 @@ import_cert() {
     fi
 
     keytool -importcert -noprompt -trustcacerts       \
-            -storepass changeit \
+            -keystore "$KEYSTORE" -storepass changeit \
             -alias "$CERT_ALIAS" -file "$CERT"
 }
 

diff --git a/lets-encrypt-java-fix.sh b/lets-encrypt-java-fix.sh
@@ -1,5 +1,25 @@
 #!/bin/bash
 
+download_cert() {
+    URL="https://letsencrypt.org/certs/${1}.der"
+
+    wget --quiet --no-clobber $URL
+}
+
+import_cert() {
+    CERT=$1
+    CERT_ALIAS=$2
+
+    if [ -z "$CERT_ALIAS" ];
+    then
+        CERT_ALIAS=${CERT%%.*}
+    fi
+
+    keytool -importcert -noprompt -trustcacerts       \
+            -storepass changeit \
+            -alias "$CERT_ALIAS" -file "$CERT"
+}
+
 if [ -z "$JAVA_HOME" ];
 then
 	echo "JAVA_HOME not set"
@@ -15,15 +35,23 @@ then
 	exit 1
 fi
 
-KEYSTORE="$JAVA_HOME/jre/lib/security/cacerts"
+#KEYSTORE="$JAVA_HOME/jre/lib/security/cacerts"
+
+echo "Downloading certificates..."
+download_cert isrgrootx1
+download_cert lets-encrypt-x1-cross-signed
+download_cert lets-encrypt-x2-cross-signed
+download_cert lets-encrypt-x3-cross-signed
+download_cert lets-encrypt-x4-cross-signed
 
 echo "Importing root certificate..."
-keytool -importcert -noprompt -trustcacerts -keystore "$KEYSTORE" -storepass changeit -alias lets-encrypt-isrgrootx1 -file isrgrootx1.der
+import_cert isrgrootx1.der lets-encrypt-isrgrootx1
 echo "Import cross-signed certificate 1..."
-keytool -importcert -noprompt -trustcacerts -keystore "$KEYSTORE" -storepass changeit -alias lets-encrypt-x1-cross-signed -file lets-encrypt-x1-cross-signed.der
+import_cert lets-encrypt-x1-cross-signed.der
 echo "Import cross-signed certificate 2..."
-keytool -importcert -noprompt -trustcacerts -keystore "$KEYSTORE" -storepass changeit -alias lets-encrypt-x2-cross-signed -file lets-encrypt-x2-cross-signed.der
+import_cert lets-encrypt-x2-cross-signed.der
 echo "Import cross-signed certificate 3..."
-keytool -importcert -noprompt -trustcacerts -keystore "$KEYSTORE" -storepass changeit -alias lets-encrypt-x3-cross-signed -file lets-encrypt-x3-cross-signed.der
+import_cert lets-encrypt-x3-cross-signed.der
 echo "Import cross-signed certificate 4..."
-keytool -importcert -noprompt -trustcacerts -keystore "$KEYSTORE" -storepass changeit -alias lets-encrypt-x4-cross-signed -file lets-encrypt-x4-cross-signed.der
+import_cert lets-encrypt-x4-cross-signed.der
+
diff --git a/lets-encrypt-java-fix.sh b/lets-encrypt-java-fix.sh
@@ -0,0 +1,29 @@
+#!/bin/bash
+
+if [ -z "$JAVA_HOME" ];
+then
+	echo "JAVA_HOME not set"
+	exit 1
+fi
+
+read -p "Updating keystore for JRE located at $JAVA_HOME. Is this correct? [y/N]: " -n 1 -r
+echo
+
+if [[ ! $REPLY =~ ^[Yy]$ ]]
+then
+	echo "Cancelled"
+	exit 1
+fi
+
+KEYSTORE="$JAVA_HOME/jre/lib/security/cacerts"
+
+echo "Importing root certificate..."
+keytool -importcert -noprompt -trustcacerts -keystore "$KEYSTORE" -storepass changeit -alias lets-encrypt-isrgrootx1 -file isrgrootx1.der
+echo "Import cross-signed certificate 1..."
+keytool -importcert -noprompt -trustcacerts -keystore "$KEYSTORE" -storepass changeit -alias lets-encrypt-x1-cross-signed -file lets-encrypt-x1-cross-signed.der
+echo "Import cross-signed certificate 2..."
+keytool -importcert -noprompt -trustcacerts -keystore "$KEYSTORE" -storepass changeit -alias lets-encrypt-x2-cross-signed -file lets-encrypt-x2-cross-signed.der
+echo "Import cross-signed certificate 3..."
+keytool -importcert -noprompt -trustcacerts -keystore "$KEYSTORE" -storepass changeit -alias lets-encrypt-x3-cross-signed -file lets-encrypt-x3-cross-signed.der
+echo "Import cross-signed certificate 4..."
+keytool -importcert -noprompt -trustcacerts -keystore "$KEYSTORE" -storepass changeit -alias lets-encrypt-x4-cross-signed -file lets-encrypt-x4-cross-signed.der
No results found