Linux - SoftwareThis forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
well, I guess the certain user executing the script "keystore" as this is impacting each user that attempts to execute the script. \
a prompt: Do you trust the above certificate [y|n] --> [appears when I piece out where the scripts hangs]
I want to automate the 'y' so the script will accept the certificate and then continue running. OTHERWISE, this user will have to physically login to each server the first time, execute the portion of the script where the cert needs to be accepted, then execute the script. After that first acceptance of the cert, there will no longer be a stop in executing the script since the cert has been accepted into the users keystore ... of course, until the cert changes again. Since these are self-signed certs, they have a lengthy expiration so I'm not really concerned about that nor that they are self-signed [there is a reason why they are and that is not in scope here]
no, this makes no sense. There is still no context to any of this. You can't just "accept a certificate" generically... what keystore? what app? what protocols?
well that is a good ? and I wish knew that answer. I'm not very knowledgeable on certs so I'll apologize for my lacking here.
best explanation ...
okay, i login as billds.
billds wants to execute a script - get_gfversion but when billds executes the script nothing happens. no cursor return, just black hole execution for infinity. ctrl-c kills execution.
So billds cats out the script and selects the command being executed ... /opt/SUN/SUNAppSrv/bin/asadmin version
> /opt/SUN/SUNAppSrv/bin/asadmin version <enter>
cert info scrolls across the screen and stops at:
Do you trust the above certificate [y|n] -->
if billds types y, returns information sought and all subsequent executions of the script run with no issue. Anything else , still returns data desired ... weird. But still just need to make this automatic/dynamic so this script will execute across all environments.
there is no ssl/.ssl directory in billds home directory so where the cert is stored for user billds I have no idea. I would assume in each users home directory there is this little hidden location that certs are stored but ??
more information ... environment for this is SuSE 10.2 / glassfish 2.1
other environment is RH 6.3 (Santiago) / gf 3.1 [but out of scope]
Right, so you're actually talking about GlassFish administration, a proprietary bit of software from IBM. How are we supposed to know this??
So if you look at the admin page that is easily found online, there looks to be no "auto accept" option, and it says the cert needs to be in the JKS already. So put it in there in advance, possibly by adding the certificate into the script itself and putting in a preparatory stage to add it if it's not already.
you could also run the tool through expect which would add the ability to enter a simulated user response there.
Also given that this is properietary stuff, can you use you commercial support agreements?
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.