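#!/usr/bin/env bash
#
# Mutual-TLS smoke test.
#
# Builds a throwaway CA plus one server and one client certificate under
# ./files, starts Fluentd as a daemon with ./fluentd.conf, runs the Java client
# built from ./app against it, and succeeds when Fluentd's log contains the
# forwarded record.
#
# Everything generated here is a test fixture: the private keys are written
# unencrypted and the keystore/truststore passwords are hard-coded in this
# file. Do not reuse these keys, certificates or passwords outside this test.
set -eu

# Every path below is relative to the current directory. Check for the inputs
# the later steps need before the destructive `rm -rf ./files`, so that a run
# from the wrong directory fails without deleting anything.
if [[ ! -f fluentd.conf || ! -d app ]]; then
  echo "Run this script from the directory that contains fluentd.conf and app/" >&2
  exit 1
fi

# The server certificate is issued for CN=my-server, so that name has to
# resolve to the loopback address. grep -E with a POSIX class replaces the
# deprecated egrep and the GNU-only \s.
if ! grep -Eq '^127\.0\.0\.1[[:space:]]+my-server$' /etc/hosts; then
  echo "Please add '127.0.0.1 my-server' to /etc/hosts" >&2
  exit 1
fi

rm -rf ./files
mkdir -p files
# The directory holds unencrypted private keys; keep other local users out.
# NOTE(review): assumes Fluentd runs as the invoking user - confirm against
# fluentd.conf before relying on this.
chmod 700 files
pushd files

# Create CA certificate (-nodes: the CA key is stored without a passphrase)
openssl req \
  -new \
  -x509 \
  -nodes \
  -subj '/CN=my-ca' \
  -keyout ca.key \
  -out ca.crt

# Create server private key
openssl genrsa \
  -out server.key

# Create server CSR
openssl req \
  -new \
  -key server.key \
  -subj '/CN=my-server' \
  -out server.csr

# Create server certificate, signed by the test CA
openssl x509 \
  -req \
  -in server.csr \
  -CA ca.crt \
  -CAkey ca.key \
  -CAcreateserial \
  -out server.crt

# Create client private key
openssl genrsa \
  -out client.key

# Create client CSR
openssl req \
  -new \
  -key client.key \
  -subj '/CN=my-client' \
  -out client.csr

# Create client certificate, signed by the same test CA
openssl x509 \
  -req \
  -in client.csr \
  -CA ca.crt \
  -CAkey ca.key \
  -CAcreateserial \
  -out client.crt

# Create Keystore for client Java application.
# Step 1: bundle the client key and certificate into PKCS#12. The command must
# end here: a trailing backslash on the last option would splice the keytool
# invocation below into openssl's argument list.
openssl pkcs12 \
  -inkey client.key \
  -in client.crt \
  -export \
  -password pass:p12pass \
  -out keystore.pkcs12

# Step 2: convert the PKCS#12 bundle into a JKS keystore.
keytool \
  -importkeystore \
  -srcstorepass p12pass \
  -srckeystore keystore.pkcs12 \
  -srcstoretype pkcs12 \
  -destkeystore keystore.jks \
  -destkeypass keypassword \
  -deststorepass keypassword

# Create Truststore for client Java application. Only the server's leaf
# certificate is imported, so the client trusts exactly this one certificate.
keytool \
  -import \
  -noprompt \
  -file server.crt \
  -alias mytruststore \
  -keystore truststore.jks \
  -storepass trustpassword

popd

# Start Fluentd as a daemon
rm -f fluentd.log
fluentd -d fluentd.pid -c fluentd.conf -l fluentd.log
# Stop the daemon on every exit path, including failures under `set -e`.
trap 'pkill -F fluentd.pid' EXIT

pushd app
./gradlew installDist
# Test-only passwords: values passed through JAVA_OPTS end up on the JVM
# command line, where other local users can read them from the process list.
export JAVA_OPTS='-Djavax.net.ssl.trustStore=../files/truststore.jks -Djavax.net.ssl.trustStorePassword=trustpassword -Djavax.net.ssl.keyStore=../files/keystore.jks -Djavax.net.ssl.keyStorePassword=keypassword'
build/install/fluency-test-mutual-tls/bin/fluency-test-mutual-tls my-server 24224 fluency.test
popd

# Give Fluentd time to write the received event to its log.
sleep 5

if grep 'forwarded.fluency.test:' fluentd.log; then
  exit 0
fi

echo "Test failed." >&2
# Show Fluentd's own diagnostics; `|| true` keeps a log without error/warn
# lines from ending the script before the explicit exit below.
grep -E '\[(error|warn)\]' fluentd.log >&2 || true
exit 1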