
I am trying to run a .sh file that puts a certificate, via the keytool command, into every jre/lib/security/cacert file described in the ~/.java/deployment/deployment.properties file.

But I am getting the error "Keystore parameter must not be empty" in

sudo bash -c keytool -import -v -trustcacerts -alias test-cert -file ./test.cer -keystore ${resultPath};

I already tried using eval and the "$()" notation, but this failed too. How can I fix that?

#!/bin/bash

PATTERN=deployment\.javaws\.jre\.[0-9]*\.path
FILE=~/.java/deployment/deployment.properties
sep='='
trail=lib/security/cacerts

#Traverse file line by line
while read line ; do

  #If line matches pattern
  if printf %s\\n "${line}" | grep -q "${PATTERN}"; then
    case $line in 
      (*"$sep"*)

        #Process line to get path for ../jre/lib/security/cacert file
        after=${line#*"$sep"};
        resultPath=${after%????????}${trail};

        #This fails : ${resultPath} somehow is empty
        sudo bash -c keytool -import -v -trustcacerts -alias test-cert -file ./test.cer -keystore ${resultPath};

      ;;
      (*)
      ;;
    esac
  fi
done < "$FILE"

UPDATE: Running the script through bash -vx ./script.sh shows this output:

#!/bin/bash
PATTERN=deployment\.javaws\.jre\.[0-9]*\.path
+ PATTERN='deployment.javaws.jre.[0-9]*.path'
FILE=~/.java/deployment/deployment.properties
+ FILE=/home/sanya/.java/deployment/deployment.properties
sep='='
+ sep==
trail=lib/security/cacerts
+ trail=lib/security/cacerts

#Traverse file line by line
while read line ; do

  #If line matches pattern
  if printf %s\\n "${line}" | grep -q "${PATTERN}"; then
    case $line in 
      (*"$sep"*)

        #Process line to get path for ../jre/lib/security/cacert file
        after=${line#*"$sep"};
        resultPath=${after%????????}${trail};

        #This fails : ${resultPath} somehow is empty
        sudo keytool -importcert -v -trustcacerts -alias test -file ./test.cer -keystore ${resultPath};
      ;;
      (*)
      ;;
    esac
  fi
done < "$FILE"
+ read line
+ printf '%s\n' '#deployment.properties'
+ grep -q 'deployment.javaws.jre.[0-9]*.path'
+ read line
+ grep -q 'deployment.javaws.jre.[0-9]*.path'
+ printf '%s\n' '#Sat Sep 06 10:48:49 MSK 2014'
+ read line
+ printf '%s\n' deployment.modified.timestamp=1409986129309
+ grep -q 'deployment.javaws.jre.[0-9]*.path'
+ read line
+ printf '%s\n' deployment.version=7.21
+ grep -q 'deployment.javaws.jre.[0-9]*.path'
+ read line
+ printf '%s\n' deployment.browser.path=/usr/bin/firefox
+ grep -q 'deployment.javaws.jre.[0-9]*.path'
+ read line
+ grep -q 'deployment.javaws.jre.[0-9]*.path'
+ printf '%s\n' '#Java Deployment jre'\''s'
+ read line
+ grep -q 'deployment.javaws.jre.[0-9]*.path'
+ printf '%s\n' '#Sat Sep 06 10:48:49 MSK 2014'
+ read line
+ printf '%s\n' deployment.javaws.jre.0.registered=true
+ grep -q 'deployment.javaws.jre.[0-9]*.path'
+ read line
+ grep -q 'deployment.javaws.jre.[0-9]*.path'
+ printf '%s\n' deployment.javaws.jre.0.platform=1.7
+ read line
+ grep -q 'deployment.javaws.jre.[0-9]*.path'
+ printf '%s\n' deployment.javaws.jre.0.osname=Linux
+ read line
+ grep -q 'deployment.javaws.jre.[0-9]*.path'
+ printf '%s\n' deployment.javaws.jre.0.path=/usr/lib/jvm/java-7-oracle/jre/bin/java
+ case $line in
+ after=/usr/lib/jvm/java-7-oracle/jre/bin/java
+ resultPath=/usr/lib/jvm/java-7-oracle/jre/lib/security/cacerts
+ sudo keytool -importcert -v -trustcacerts -alias test -file ./test.cer -keystore /usr/lib/jvm/java-7-oracle/jre/lib/security/cacerts
Enter keystore password:  keytool error: java.io.IOException: Keystore was tampered with, or password was incorrect
java.io.IOException: Keystore was tampered with, or password was incorrect
    at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:772)
    at sun.security.provider.JavaKeyStore$JKS.engineLoad(JavaKeyStore.java:55)
    at java.security.KeyStore.load(KeyStore.java:1214)
    at sun.security.tools.KeyTool.doCommands(KeyTool.java:885)
    at sun.security.tools.KeyTool.run(KeyTool.java:340)
    at sun.security.tools.KeyTool.main(KeyTool.java:333)
Caused by: java.security.UnrecoverableKeyException: Password verification failed
    at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:770)
    ... 5 more
+ read line

The error line

Enter keystore password:  keytool error: java.io.IOException: Keystore was tampered with, or password was incorrect

is shown because the user should enter the password for the keystore file, but when this script runs, no prompt to enter the password is given. How can I fix that?

  • run the script with bash -vx script and examine the output Commented Sep 5, 2014 at 19:05
  • Unfortunately, I could only use sh ./script.sh to run the script. Commented Sep 5, 2014 at 19:24
  • But your "sh-bang" line is !#/bin/bash. Did you try sh -x ./script.sh or can't you use that either? Can you edit your script or run an edited copy of it from the /tmp dir? Then add set -x above your sudo line and set -x after that line. Good luck. Commented Sep 5, 2014 at 19:52
  • @shelter Updated the question with use of bash -vx script. Another issue: user should be asked for password, but instead of that, an error appears. Commented Sep 6, 2014 at 8:53

1 Answer

You should use double quotes to ensure that the variable expansion ${resultPath} produces a word for the shell.

Thus your critical line should be

sudo keytool -importcert -v -trustcacerts -alias test -file ./test.cer -keystore "${resultPath}";

You might also be interested in the :? or :- variable expansion modifiers.

Note: It seems to me that the keytool program complains that your file is not valid; maybe your issue has nothing to do with shell programming.
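An added example, not part of the original question or answer: it shows the quoted expansion and the :? guard from the answer, and why the password prompt in the UPDATE never waits for input (every command inside a `while read ... done < "$FILE"` loop inherits the file as its stdin). `fake_keytool`, the other helper names and the sample properties are constructed stand-ins so the block runs without keytool or sudo.

```shell
#!/bin/bash
# Constructed sample of deployment.properties; the JRE path contains a space on purpose.
sample_props() {
  printf '%s\n' 'deployment.version=7.21' \
    'deployment.javaws.jre.0.path=/opt/my jre/bin/java' \
    'deployment.javaws.jre.0.osname=Linux'
}

# Hypothetical stand-in for keytool: prints each argument in brackets, then
# reads the "keystore password" from stdin, as keytool's prompt does.
fake_keytool() {
  for arg in "$@"; do printf '[%s]' "$arg"; done
  IFS= read -r pw
  printf ' password=%s\n' "$pw"
}

# Map a deployment.javaws.jre.N.path line to that JRE's cacerts path.
# The /bin/java suffix is stripped by name rather than by character count.
cacerts_for() {
  java_bin=${1#*=}
  printf '%s\n' "${java_bin%/bin/java}/lib/security/cacerts"
}

# One loop iteration: the quoted expansion keeps the path a single word, and
# :? aborts with a message if the path is ever empty.
import_line() {
  case $1 in
    deployment.javaws.jre.[0-9]*.path=*)
      keystore=$(cacerts_for "$1")
      fake_keytool -keystore "${keystore:?empty keystore path}" ;;
  esac
}

# As in the question: the properties file is the loop's stdin, so the tool's
# password read swallows the next properties line.
import_loop_stdin() {
  while IFS= read -r line; do import_line "$line"; done < "$1"
}

# File on descriptor 3: stdin stays connected to whoever runs the script.
import_loop_fd3() {
  while IFS= read -r line <&3; do import_line "$line"; done 3< "$1"
}

props=$(mktemp) && sample_props > "$props"
printf 'typed-by-user\n' | import_loop_stdin "$props"
printf 'typed-by-user\n' | import_loop_fd3 "$props"
rm -f "$props"
```

In the real script the same change is `while read -r line <&3; do ... done 3< "$FILE"`, which leaves the terminal as stdin for `sudo keytool` so its password prompt can be answered.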
