Shell script to find out aliases and their expiration in cacerts

 

#!/bin/bash

# Set the path to the Java installation directory

JAVA_HOME="/opt/java"

# Set the password for the keystore

KEYSTORE_PASS="keystore_password"


# List all aliases in the keystore

ALIASES=$(keytool -list -v -keystore $JAVA_HOME/jre/lib/security/cacerts -storepass $KEYSTORE_PASS | grep "Alias name:" | awk '{print $3}')


# Loop through the aliases and get the expiration date for each certificate

for ALIAS in $ALIASES; do

    # Get the expiration date in human-readable format

    EXP_DATE=$(keytool -list -v -alias $ALIAS -keystore $JAVA_HOME/jre/lib/security/cacerts -storepass $KEYSTORE_PASS | grep "Valid from" | awk '{print $3 " " $4 " " $7 " " $6}')


    # Print the alias name and expiration date

    echo "Alias Name: $ALIAS"

    echo "Expiration Date: $EXP_DATE"

    echo ""

done





Replace "/path/to/java" with the path to your Java installation directory, and "keystore_password" with the password for the cacerts keystore.

The script uses the keytool command to list all the aliases in the keystore, then loops through each alias and gets the expiration date for the corresponding certificate. The alias name and expiration date are printed for each certificate.

To run the script, save it as a file with a .sh extension (e.g. check-all-certs-expiration.sh), make it executable with the command "chmod +x check-all-certs-expiration.sh", then run it with the command "./check-all-certs-expiration.sh". Note that you may need to run the script with elevated privileges (e.g. sudo) to access the cacerts keystore.

Comments

Post a Comment

Popular posts from this blog

shell script to scp multiple file to multiple destinations

  #!/bin/bash # Prompt the user for the name of the file to transfer using printf and read commands printf "Enter the name of the file to transfer: " read filename # Prompt the user for the IP addresses to transfer the files to using printf and read commands printf "Enter the IP addresses to transfer the file(s) to (separated by spaces): " read -a ips # Define the username to use for the SCP transfer username="user" # Loop through the array of IP addresses and transfer the file to each one for ip in "${ips[@]}" do     # Use printf to display a message before transferring each file     printf "Transferring %s to %s...\n" "$filename" "$ip"         # Use scp to transfer the file to the current IP address     scp "$filename" "${username}@${ip}:~/" done # Use printf to display a summary message when the transfers are complete printf "Transferred %s to %d IP addresses.\n" "$filename"...
Read more

How to resolve port conflict in websphere

 To resolve port conflicts in WebSphere Application Server on Linux, you can follow the below steps: Determine the port that is in conflict: a. Login in server b. Run the command: ./netstat -an | grep <port> where <port> is the port number that is in conflict. Identify the process that is using the port: a. Run the command: ps -ef | grep <PID> where <PID> is the Process ID (PID) of the process that is using the port. Stop the process that is using the port: a. Use the kill command to stop the process: kill -9 <PID> where <PID> is the Process ID of the process that is using the port. b. Change port in serverindex.xml file if required  c.Stop node and sync with dmgr then start node Restart the WebSphere Application Server: a. Go to the WebSphere installation directory: cd /opt/IBM/WebSphere/AppServer/bin b. Run the command: ./stopServer.sh <server_name> where <server_name> is the name of the server that you modified the port number...
Read more