Search results
Add Cosmos DB Emulator Certificate to TrustStore using Bash Shell Script
~/bin/import-cosmosdb-emulator-cert.sh:
#!/bin/bash
ipaddr="`ifconfig | grep "inet " | grep -Fv 127.0.0.1 | awk '{print $2}' | head -n 1`"
# If emulator was started with /AllowNetworkAccess, replace the below with the actual IP address of it:
EMULATOR_HOST=$ipaddr
EMULATOR_PORT=8081
EMULATOR_CERT_PATH=~/bin/emulator_cert.crt
CUSTOM_KEYSTORE_PATH=$JAVA_HOME/lib/security/custom-cacerts
# Custom keystore
if [ ! -f $CUSTOM_KEYSTORE_PATH ]
then
cp $JAVA_HOME/lib/security/cacerts $JAVA_HOME/lib/security/custom-cacerts
else
echo "$JAVA_HOME/lib/security/custom-cacerts file exists"
fi
# Get the Cert from Cosmos DB Emulator
curl -k https://${EMULATOR_HOST}:${EMULATOR_PORT}/_explorer/emulator.pem </dev/null | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > $EMULATOR_CERT_PATH
# Delete the cert if already exists
$JAVA_HOME/bin/keytool -keystore $CUSTOM_KEYSTORE_PATH -delete -alias cosmos_emulator -storepass changeit -noprompt
# Import the cert into the truststore
$JAVA_HOME/bin/keytool -importcert -trustcacerts -alias cosmos_emulator -file $EMULATOR_CERT_PATH -keystore $CUSTOM_KEYSTORE_PATH -storepass changeit -noprompt
Usage
~/bin/import-cosmosdb-emulator-cert.sh
with VM arguments:
javax.net.ssl.trustStore: $JAVA_HOME/lib/security/custom-cacerts
javax.net.ssl.trustStorePassword: changeit
javax.net.ssl.trustStoreType: PKCS12
