From ff0bf0c6840e3f049478b14f3ca61bb4f184bb65 Mon Sep 17 00:00:00 2001 From: "saurabh.kumar2@in.pega.com" Date: Thu, 12 Oct 2023 18:21:02 +0530 Subject: [PATCH 1/7] US-572876 - Adding more extensions to certificate --- scripts/docker-entrypoint.sh | 2 +- tests/pega-web-ready-testcases.yaml | 2 +- tests/test-artifacts/certs/test.crt | 37 +++++++++++++++++++++++++++++ 3 files changed, 39 insertions(+), 2 deletions(-) create mode 100644 tests/test-artifacts/certs/test.crt diff --git a/scripts/docker-entrypoint.sh b/scripts/docker-entrypoint.sh index c3ed3c79..4de99500 100644 --- a/scripts/docker-entrypoint.sh +++ b/scripts/docker-entrypoint.sh @@ -125,7 +125,7 @@ if [ "$(ls -A "${pega_root}/artifactory/cert"/*)" ]; then filename=$(basename "$certfile") ext="${filename##*.}" echo "$filename" - if [ "$ext" = "cer" ] || [ "$ext" = "pem" ] || [ "$ext" = "crt" ] || [ "$ext" = "der" ]; then + if [[ "$ext" =~ ^(cer|pem|crt|der|cert|jks|p7b|p7c|key)$ ]]; then echo "$certfile" custom_artifactory_certificate="--cacert "$certfile else diff --git a/tests/pega-web-ready-testcases.yaml b/tests/pega-web-ready-testcases.yaml index 47816727..24758e92 100755 --- a/tests/pega-web-ready-testcases.yaml +++ b/tests/pega-web-ready-testcases.yaml @@ -1581,7 +1581,7 @@ commandTests: keytool -list -keystore $JAVA_HOME/lib/security/cacerts -alias badsslcert -storepass changeit && keytool -list -keystore $JAVA_HOME/lib/security/cacerts -alias goodsslcert -storepass changeit exitCode: 0 - expectedOutput: ["badsslcert(.*)trustedCertEntry,","goodsslcert(.*)trustedCertEntry,"] + expectedOutput: ["badsslcert(.*)trustedCertEntry,","goodsslcert(.*)trustedCertEntry,","testcert(.*)trustedCertEntry,"] # Verify custom artifactory invalid certificate - name: "Custom artifactory invalid certificate check" diff --git a/tests/test-artifacts/certs/test.crt b/tests/test-artifacts/certs/test.crt new file mode 100644 index 00000000..88693aca --- /dev/null +++ b/tests/test-artifacts/certs/test.crt @@ -0,0 +1,37 @@ +-----BEGIN CERTIFICATE----- +MIIGizCCBXOgAwIBAgIQYnvLQo/q1fYkYzoTIwLnUTANBgkqhkiG9w0BAQsFADBE +MQswCQYDVQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEdMBsGA1UEAxMU +R2VvVHJ1c3QgU1NMIENBIC0gRzMwHhcNMTYxMDI1MDAwMDAwWhcNMTgxMTI0MjM1 +OTU5WjCBgzELMAkGA1UEBhMCTVgxGTAXBgNVBAgMEERpc3RyaXRvIEZlZGVyYWwx +GTAXBgNVBAcMEENpdWRhZCBkZSBNZXhpY28xJDAiBgNVBAoMG0VsZWN0cm9uaWMg +QmlsbHMgJiBTZXJ2aWNlczEYMBYGA1UEAwwPZWJzLWNmZGkuY29tLm14MIIBIjAN +BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyiHnBIOWZFmZlpHU/3t0n4uBlhuc +Ws1hAJ85EiCJqlPSBKjApl8LgWn6IDBPo5Fxy3sZI0FfkfHWx4kX7XJeDD0p1ET3 +6pAfUpL5iqKWozYF1LEZhse/Vv1C3HK7J0Q58vI19cyIy3OrvXUkZ4U2bQ25/7Dx +wR+juhBNrxr72GmVrJqUdkaQKDksMN8uqjqeWh33i8HIjC55zusBq/5BycTS6LzZ +uAaueozASmmj/iMDjc1RimKTM3/MU4/ww0pXz8zOSJhXbFUwzmwz5sIodo3+ePG+ +6zKeBshvlOLLrMIaUsU3978BqMWhZXGsvolinjkKB8wrJ8TGKOqsg7KLPwIDAQAB +o4IDNzCCAzMwLwYDVR0RBCgwJoIPZWJzLWNmZGkuY29tLm14ghN3d3cuZWJzLWNm +ZGkuY29tLm14MAkGA1UdEwQCMAAwDgYDVR0PAQH/BAQDAgWgMCsGA1UdHwQkMCIw +IKAeoByGGmh0dHA6Ly9nbi5zeW1jYi5jb20vZ24uY3JsMIGdBgNVHSAEgZUwgZIw +gY8GBmeBDAECAjCBhDA/BggrBgEFBQcCARYzaHR0cHM6Ly93d3cuZ2VvdHJ1c3Qu +Y29tL3Jlc291cmNlcy9yZXBvc2l0b3J5L2xlZ2FsMEEGCCsGAQUFBwICMDUMM2h0 +dHBzOi8vd3d3Lmdlb3RydXN0LmNvbS9yZXNvdXJjZXMvcmVwb3NpdG9yeS9sZWdh +bDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHwYDVR0jBBgwFoAU0m/3 +lvSFP3I8MH0j2oV4m6N8WnwwVwYIKwYBBQUHAQEESzBJMB8GCCsGAQUFBzABhhNo +dHRwOi8vZ24uc3ltY2QuY29tMCYGCCsGAQUFBzAChhpodHRwOi8vZ24uc3ltY2Iu +Y29tL2duLmNydDCCAX0GCisGAQQB1nkCBAIEggFtBIIBaQFnAHYA3esdK3oNT6Yg +i4GtgWhwfi6OnQHVXIiNPRHEzbbsvswAAAFX/e3IRgAABAMARzBFAiBarKRL+C6T +CuSVymwfSvrvIfohTzHTz1eRg3lVZJYIcwIhAJADAJR5U7SEZVM3buA5e+AL48Ke +mlLZPuJ4L7rvMRd6AHUAaPaY+B9kgr46jO65KB1M/HFRXWeT1ETRCmesu09P+8QA +AAFX/e3IYAAABAMARjBEAiB++rmbLX29JC7BnvT2H3Lb3zedNNZvk8mKAWW2e6Y+ +zQIgQqGJBYEwm0b54iDxBNXHZJj88LldHXC1ZPbeq+cWhuoAdgDuS723dc5guuFC +aR+r4Z5mow9+X7By2IMAxHuJeqj9ywAAAVf97ciIAAAEAwBHMEUCIDZL2qZpyFZw +KMiW1EYYbjZ04r1kb5yq1oWDI8AgiDdjAiEAyFQeCZdunoyVKHSSC24gmjgNyiOr +0P9NLZSMW4IMXmIwDQYJKoZIhvcNAQELBQADggEBAGzLoI3ExFq9C0DW66TQ+xzq +CiFeTGeMImtO7ohRUIOyQQiScuGTIQv3tr52x1VLEDDHFLoHbVirxQnWEOg4VjhZ +ZlCdXPONs/eHQMwTk7u8FrNqM1d4eFMM4ob4mQrQSWvOV4iis3bkCLfKM4ZLZhxV +gqjvQlZggiPWSR11db21DKTwyv7rZJKHXFCi5qxJfsQHgGkXN1F+mD56r7e0WHL/ +gIWWzShIa8IqMu71i/15hwRWAe8a79nPQsSH/pi9BNqHUko9B3Jurd48iiRoqSip +OS+3jR+VjfzTJzo1lk1otde3p7E9TLehK4VI00PflZIPEeidTtXBfLi2yzDNWqY= +-----END CERTIFICATE----- From 8b41658711a571ff3457a29032f922b5251e9fa7 Mon Sep 17 00:00:00 2001 From: "saurabh.kumar2@in.pega.com" Date: Thu, 12 Oct 2023 19:05:19 +0530 Subject: [PATCH 2/7] US-572876 - Adding more extensions to certificate --- tests/pega-web-ready-testcases.yaml | 3 ++- tests/test-artifacts/certs/test.inv | 37 +++++++++++++++++++++++++++++ 2 files changed, 39 insertions(+), 1 deletion(-) create mode 100644 tests/test-artifacts/certs/test.inv diff --git a/tests/pega-web-ready-testcases.yaml b/tests/pega-web-ready-testcases.yaml index 24758e92..11d8ec8f 100755 --- a/tests/pega-web-ready-testcases.yaml +++ b/tests/pega-web-ready-testcases.yaml @@ -1579,7 +1579,8 @@ commandTests: bash -c './scripts/docker-entrypoint.sh run &'&& sleep 15s && keytool -list -keystore $JAVA_HOME/lib/security/cacerts -alias badsslcert -storepass changeit && - keytool -list -keystore $JAVA_HOME/lib/security/cacerts -alias goodsslcert -storepass changeit + keytool -list -keystore $JAVA_HOME/lib/security/cacerts -alias goodsslcert -storepass changeit && + keytool -list -keystore $JAVA_HOME/lib/security/cacerts -alias testcert -storepass changeit exitCode: 0 expectedOutput: ["badsslcert(.*)trustedCertEntry,","goodsslcert(.*)trustedCertEntry,","testcert(.*)trustedCertEntry,"] diff --git a/tests/test-artifacts/certs/test.inv b/tests/test-artifacts/certs/test.inv new file mode 100644 index 00000000..88693aca --- /dev/null +++ b/tests/test-artifacts/certs/test.inv @@ -0,0 +1,37 @@ +-----BEGIN CERTIFICATE----- +MIIGizCCBXOgAwIBAgIQYnvLQo/q1fYkYzoTIwLnUTANBgkqhkiG9w0BAQsFADBE +MQswCQYDVQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEdMBsGA1UEAxMU +R2VvVHJ1c3QgU1NMIENBIC0gRzMwHhcNMTYxMDI1MDAwMDAwWhcNMTgxMTI0MjM1 +OTU5WjCBgzELMAkGA1UEBhMCTVgxGTAXBgNVBAgMEERpc3RyaXRvIEZlZGVyYWwx +GTAXBgNVBAcMEENpdWRhZCBkZSBNZXhpY28xJDAiBgNVBAoMG0VsZWN0cm9uaWMg +QmlsbHMgJiBTZXJ2aWNlczEYMBYGA1UEAwwPZWJzLWNmZGkuY29tLm14MIIBIjAN +BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyiHnBIOWZFmZlpHU/3t0n4uBlhuc +Ws1hAJ85EiCJqlPSBKjApl8LgWn6IDBPo5Fxy3sZI0FfkfHWx4kX7XJeDD0p1ET3 +6pAfUpL5iqKWozYF1LEZhse/Vv1C3HK7J0Q58vI19cyIy3OrvXUkZ4U2bQ25/7Dx +wR+juhBNrxr72GmVrJqUdkaQKDksMN8uqjqeWh33i8HIjC55zusBq/5BycTS6LzZ +uAaueozASmmj/iMDjc1RimKTM3/MU4/ww0pXz8zOSJhXbFUwzmwz5sIodo3+ePG+ +6zKeBshvlOLLrMIaUsU3978BqMWhZXGsvolinjkKB8wrJ8TGKOqsg7KLPwIDAQAB +o4IDNzCCAzMwLwYDVR0RBCgwJoIPZWJzLWNmZGkuY29tLm14ghN3d3cuZWJzLWNm +ZGkuY29tLm14MAkGA1UdEwQCMAAwDgYDVR0PAQH/BAQDAgWgMCsGA1UdHwQkMCIw +IKAeoByGGmh0dHA6Ly9nbi5zeW1jYi5jb20vZ24uY3JsMIGdBgNVHSAEgZUwgZIw +gY8GBmeBDAECAjCBhDA/BggrBgEFBQcCARYzaHR0cHM6Ly93d3cuZ2VvdHJ1c3Qu +Y29tL3Jlc291cmNlcy9yZXBvc2l0b3J5L2xlZ2FsMEEGCCsGAQUFBwICMDUMM2h0 +dHBzOi8vd3d3Lmdlb3RydXN0LmNvbS9yZXNvdXJjZXMvcmVwb3NpdG9yeS9sZWdh +bDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHwYDVR0jBBgwFoAU0m/3 +lvSFP3I8MH0j2oV4m6N8WnwwVwYIKwYBBQUHAQEESzBJMB8GCCsGAQUFBzABhhNo +dHRwOi8vZ24uc3ltY2QuY29tMCYGCCsGAQUFBzAChhpodHRwOi8vZ24uc3ltY2Iu +Y29tL2duLmNydDCCAX0GCisGAQQB1nkCBAIEggFtBIIBaQFnAHYA3esdK3oNT6Yg +i4GtgWhwfi6OnQHVXIiNPRHEzbbsvswAAAFX/e3IRgAABAMARzBFAiBarKRL+C6T +CuSVymwfSvrvIfohTzHTz1eRg3lVZJYIcwIhAJADAJR5U7SEZVM3buA5e+AL48Ke +mlLZPuJ4L7rvMRd6AHUAaPaY+B9kgr46jO65KB1M/HFRXWeT1ETRCmesu09P+8QA +AAFX/e3IYAAABAMARjBEAiB++rmbLX29JC7BnvT2H3Lb3zedNNZvk8mKAWW2e6Y+ +zQIgQqGJBYEwm0b54iDxBNXHZJj88LldHXC1ZPbeq+cWhuoAdgDuS723dc5guuFC +aR+r4Z5mow9+X7By2IMAxHuJeqj9ywAAAVf97ciIAAAEAwBHMEUCIDZL2qZpyFZw +KMiW1EYYbjZ04r1kb5yq1oWDI8AgiDdjAiEAyFQeCZdunoyVKHSSC24gmjgNyiOr +0P9NLZSMW4IMXmIwDQYJKoZIhvcNAQELBQADggEBAGzLoI3ExFq9C0DW66TQ+xzq +CiFeTGeMImtO7ohRUIOyQQiScuGTIQv3tr52x1VLEDDHFLoHbVirxQnWEOg4VjhZ +ZlCdXPONs/eHQMwTk7u8FrNqM1d4eFMM4ob4mQrQSWvOV4iis3bkCLfKM4ZLZhxV +gqjvQlZggiPWSR11db21DKTwyv7rZJKHXFCi5qxJfsQHgGkXN1F+mD56r7e0WHL/ +gIWWzShIa8IqMu71i/15hwRWAe8a79nPQsSH/pi9BNqHUko9B3Jurd48iiRoqSip +OS+3jR+VjfzTJzo1lk1otde3p7E9TLehK4VI00PflZIPEeidTtXBfLi2yzDNWqY= +-----END CERTIFICATE----- From 7a8eacf294c01a41071ed8aca65c73d60e9d0ee0 Mon Sep 17 00:00:00 2001 From: "saurabh.kumar2@in.pega.com" Date: Fri, 13 Oct 2023 10:22:53 +0530 Subject: [PATCH 3/7] US-572876 - Refactored certificate condition check to allow more extension --- scripts/docker-entrypoint.sh | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/scripts/docker-entrypoint.sh b/scripts/docker-entrypoint.sh index 4de99500..402f6de5 100644 --- a/scripts/docker-entrypoint.sh +++ b/scripts/docker-entrypoint.sh @@ -185,7 +185,8 @@ do filename=$(basename "$certfile") ext="${filename##*.}" echo "$filename" - if [ "$ext" = "cer" ] || [ "$ext" = "pem" ] || [ "$ext" = "crt" ] || [ "$ext" = "der" ]; then + if [[ "$ext" =~ ^(cer|pem|crt|der|cert|jks|p7b|p7c|key)$ ]]; then + echo "Reached here" echo "${filename%.*}"cert keytool -keystore "$JAVA_HOME"/lib/security/cacerts -storepass changeit -noprompt -trustcacerts -importcert -alias "${filename%.*}"cert -file "$certfile" fi From bdd85ed695394fc125d9d4c7006b0a5f35ca82ed Mon Sep 17 00:00:00 2001 From: "saurabh.kumar2@in.pega.com" Date: Fri, 13 Oct 2023 15:43:20 +0530 Subject: [PATCH 4/7] US-572876 - Refactored certificate condition check to allow more extension --- scripts/docker-entrypoint.sh | 1 - 1 file changed, 1 deletion(-) diff --git a/scripts/docker-entrypoint.sh b/scripts/docker-entrypoint.sh index 402f6de5..2449512e 100644 --- a/scripts/docker-entrypoint.sh +++ b/scripts/docker-entrypoint.sh @@ -186,7 +186,6 @@ do ext="${filename##*.}" echo "$filename" if [[ "$ext" =~ ^(cer|pem|crt|der|cert|jks|p7b|p7c|key)$ ]]; then - echo "Reached here" echo "${filename%.*}"cert keytool -keystore "$JAVA_HOME"/lib/security/cacerts -storepass changeit -noprompt -trustcacerts -importcert -alias "${filename%.*}"cert -file "$certfile" fi From 48b8e103bba3f79dce6d3ca11365403dc6adb215 Mon Sep 17 00:00:00 2001 From: kumas39 Date: Tue, 26 Dec 2023 14:25:14 +0530 Subject: [PATCH 5/7] US-572876 - changes for certs manager to support custom keystore --- scripts/docker-entrypoint.sh | 17 ++++++++-- tests/pega-web-ready-testcases.yaml | 50 +++++++++++++++++++++++++++++ 2 files changed, 64 insertions(+), 3 deletions(-) diff --git a/scripts/docker-entrypoint.sh b/scripts/docker-entrypoint.sh index 964a1e30..3c899f24 100644 --- a/scripts/docker-entrypoint.sh +++ b/scripts/docker-entrypoint.sh @@ -82,9 +82,20 @@ do fi done -#tomcat ssl certs -tomcat_keystore_password_file="${tls_cert_root}/TOMCAT_KEYSTORE_PASSWORD" -tomcat_keystore_file="${tls_cert_root}/TOMCAT_KEYSTORE_CONTENT" +# tomcat ssl certs +if [ -n "$EXTERNAL_KEYSTORE_NAME" ]; then + echo "External custom keystore name key found" + tomcat_keystore_file="${tls_cert_root}/$EXTERNAL_KEYSTORE_NAME" +else + tomcat_keystore_file="${tls_cert_root}/TOMCAT_KEYSTORE_CONTENT" +fi + +if [ -n "$EXTERNAL_KEYSTORE_PASSWORD" ]; then + echo "External custom keystore password key found" + tomcat_keystore_password_file="${tls_cert_root}/$EXTERNAL_KEYSTORE_PASSWORD" +else + tomcat_keystore_password_file="${tls_cert_root}/TOMCAT_KEYSTORE_PASSWORD" +fi if [ -e "$tomcat_keystore_password_file" ]; then TOMCAT_KEYSTORE_PASSWORD=$(<${tomcat_keystore_password_file}) diff --git a/tests/pega-web-ready-testcases.yaml b/tests/pega-web-ready-testcases.yaml index 5093bc6d..7353293f 100755 --- a/tests/pega-web-ready-testcases.yaml +++ b/tests/pega-web-ready-testcases.yaml @@ -2338,3 +2338,53 @@ commandTests: if [ "$(ls /opt/pega/config | wc -l)" -ne "$(ls /opt/pega/decompressedconfig | wc -l)" ]; then echo "missing files in file_list variable"; fi exitCode: 0 excludedOutput: [ "missing files in file_list variable" ] + + # Verify external custom tomcat keystore + - name: "External Custom Tomcat Keystore files" + envVars: + - key: "JDBC_URL" + value: "jdbc:postgresql://localhost:5432/pegadb" + - key: "JDBC_CLASS" + value: "org.postgresql.Driver" + - key: "DB_USERNAME" + value: "postgres" + - key: "DB_PASSWORD" + value: "postgres" + - key: "RULES_SCHEMA" + value: "rules" + - key: "DATA_SCHEMA" + value: "data" + - key: "EXTERNAL_KEYSTORE_NAME" + value: "keystore.jks" + command: "bash" + args: + - -c + - | + bash -c './scripts/docker-entrypoint.sh' + exitCode: 0 + excludedOutput: [ "External custom keystore name key found" ] + + # Verify external custom tomcat keystore password key + - name: "External Custom Tomcat Keystore files" + envVars: + - key: "JDBC_URL" + value: "jdbc:postgresql://localhost:5432/pegadb" + - key: "JDBC_CLASS" + value: "org.postgresql.Driver" + - key: "DB_USERNAME" + value: "postgres" + - key: "DB_PASSWORD" + value: "postgres" + - key: "RULES_SCHEMA" + value: "rules" + - key: "DATA_SCHEMA" + value: "data" + - key: "EXTERNAL_KEYSTORE_PASSWORD" + value: "password" + command: "bash" + args: + - -c + - | + bash -c './scripts/docker-entrypoint.sh' + exitCode: 0 + excludedOutput: [ "External custom keystore password key found" ] \ No newline at end of file From 2ff3c88ac24fe456e54485af0a410239765a2fca Mon Sep 17 00:00:00 2001 From: kumas39 Date: Tue, 26 Dec 2023 22:03:53 +0530 Subject: [PATCH 6/7] US-572876 - test cases fix --- scripts/docker-entrypoint.sh | 2 ++ tests/pega-web-ready-testcases.yaml | 4 ++-- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/scripts/docker-entrypoint.sh b/scripts/docker-entrypoint.sh index 233af2d7..0a00c5c1 100644 --- a/scripts/docker-entrypoint.sh +++ b/scripts/docker-entrypoint.sh @@ -105,10 +105,12 @@ else fi if [ -e "$tomcat_keystore_file" ]; then + export TOMCAT_KEYSTORE_CONTENT=$tomcat_keystore_file echo "TLS certificate for tomcat exists" cat ${tomcat_keystore_file} | xargs printf '%b\n' | base64 --decode > "${tomcat_cert_root}/tlskeystore.jks" export TOMCAT_KEYSTORE_DIR="${tomcat_cert_root}/tlskeystore.jks" else + export TOMCAT_KEYSTORE_CONTENT=$tomcat_keystore_file echo "TLS certificate does not exist" fi diff --git a/tests/pega-web-ready-testcases.yaml b/tests/pega-web-ready-testcases.yaml index 7353293f..e3e306c6 100755 --- a/tests/pega-web-ready-testcases.yaml +++ b/tests/pega-web-ready-testcases.yaml @@ -2362,7 +2362,7 @@ commandTests: - | bash -c './scripts/docker-entrypoint.sh' exitCode: 0 - excludedOutput: [ "External custom keystore name key found" ] + expectedOutput: [ "External custom keystore name key found" ] # Verify external custom tomcat keystore password key - name: "External Custom Tomcat Keystore files" @@ -2387,4 +2387,4 @@ commandTests: - | bash -c './scripts/docker-entrypoint.sh' exitCode: 0 - excludedOutput: [ "External custom keystore password key found" ] \ No newline at end of file + expectedOutput: [ "External custom keystore password key found" ] \ No newline at end of file From c037ebf8ca7fb3e3cd114646965092214474a56b Mon Sep 17 00:00:00 2001 From: kumas39 Date: Wed, 10 Jan 2024 14:09:57 +0530 Subject: [PATCH 7/7] US-572876 - Moving export statement out of if else block --- scripts/docker-entrypoint.sh | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/scripts/docker-entrypoint.sh b/scripts/docker-entrypoint.sh index 25ef9033..6e210483 100644 --- a/scripts/docker-entrypoint.sh +++ b/scripts/docker-entrypoint.sh @@ -104,14 +104,13 @@ else fi if [ -e "$tomcat_keystore_file" ]; then - export TOMCAT_KEYSTORE_CONTENT=$tomcat_keystore_file echo "TLS certificate for tomcat exists" cat ${tomcat_keystore_file} | xargs printf '%b\n' | base64 --decode > "${tomcat_cert_root}/tlskeystore.jks" export TOMCAT_KEYSTORE_DIR="${tomcat_cert_root}/tlskeystore.jks" else - export TOMCAT_KEYSTORE_CONTENT=$tomcat_keystore_file echo "TLS certificate does not exist" fi +export TOMCAT_KEYSTORE_CONTENT=$tomcat_keystore_file # Define the JDBC_URL variable based on inputs if [ "$JDBC_URL" == "" ]; then