I am looking for a way to accept a self signed certificate within a script.
these servers are internal only so risk is minimal and accepted.

thank you

accept it in what??

well, I guess the certain user executing the script "keystore" as this is impacting each user that attempts to execute the script. \

a prompt: Do you trust the above certificate [y|n] --> [appears when I piece out where the scripts hangs]

I want to automate the 'y' so the script will accept the certificate and then continue running. OTHERWISE, this user will have to physically login to each server the first time, execute the portion of the script where the cert needs to be accepted, then execute the script. After that first acceptance of the cert, there will no longer be a stop in executing the script since the cert has been accepted into the users keystore ... of course, until the cert changes again. Since these are self-signed certs, they have a lengthy expiration so I'm not really concerned about that nor that they are self-signed [there is a reason why they are and that is not in scope here]

thank you.

no, this makes no sense. There is still no context to any of this. You can't just "accept a certificate" generically... what keystore? what app? what protocols?

well that is a good ? and I wish knew that answer. I'm not very knowledgeable on certs so I'll apologize for my lacking here.

best explanation ...

okay, i login as billds.

billds wants to execute a script - get_gfversion but when billds executes the script nothing happens. no cursor return, just black hole execution for infinity. ctrl-c kills execution.
So billds cats out the script and selects the command being executed ... /opt/SUN/SUNAppSrv/bin/asadmin version

> /opt/SUN/SUNAppSrv/bin/asadmin version <enter>

cert info scrolls across the screen and stops at:

Do you trust the above certificate [y|n] -->

if billds types y, returns information sought and all subsequent executions of the script run with no issue. Anything else , still returns data desired ... weird. But still just need to make this automatic/dynamic so this script will execute across all environments.

there is no ssl/.ssl directory in billds home directory so where the cert is stored for user billds I have no idea. I would assume in each users home directory there is this little hidden location that certs are stored but ??

more information ... environment for this is SuSE 10.2 / glassfish 2.1

other environment is RH 6.3 (Santiago) / gf 3.1 [but out of scope]

Right, so you're actually talking about GlassFish administration, a proprietary bit of software from IBM. How are we supposed to know this??

So if you look at the admin page that is easily found online, there looks to be no "auto accept" option, and it says the cert needs to be in the JKS already. So put it in there in advance, possibly by adding the certificate into the script itself and putting in a preparatory stage to add it if it's not already.

you could also run the tool through expect which would add the ability to enter a simulated user response there.

Also given that this is properietary stuff, can you use you commercial support agreements?

http://docs.oracle.com/cd/E18930_01/...ofl.html#gkped