Generate alphanumeric keystore passwords

- We need to avoid starting these passwords with dashes so that they are not interpretted as flags in bash [#151066916] Error when deploying 1.11.11 of OM Signed-off-by: Danny Sullivan <[email protected]>
pivotal · Sep 19, 2017 · d4ffa93 · d4ffa93
1 parent d351e30
commit d4ffa93
Showing 1 changed file with 3 additions and 3 deletions.
diff --git a/jobs/credhub/templates/init_key_stores.erb b/jobs/credhub/templates/init_key_stores.erb
@@ -11,7 +11,7 @@ CERT_FILE=/var/vcap/jobs/credhub/config/cert.crt
 PRIVATE_KEY_FILE=/var/vcap/jobs/credhub/config/priv.key
 CERT_ALIAS=credhub_tls_cert
 KEY_STORE_PATH=/var/vcap/jobs/credhub/config/cacerts.jks
-KEY_STORE_PASSWORD=$(< /dev/urandom tr -dc _A-Z-a-z-0-9 | head -c32)
+KEY_STORE_PASSWORD=$(< /dev/urandom tr -dc A-Za-z0-9 | head -c32)
 
 # DB
 DATABASE_TLS_CA_FILE=/var/vcap/jobs/credhub/config/database_ca.pem
@@ -20,14 +20,14 @@ DATABASE_VERIFY_CA_ALIAS=database_verify_ca
 
 # MTLS
 MTLS_CA_CERT_FILE=/var/vcap/jobs/credhub/config/mtls_ca_cert.crt
-MTLS_TRUST_STORE_PASSWORD=$(< /dev/urandom tr -dc _A-Z-a-z-0-9 | head -c32)
+MTLS_TRUST_STORE_PASSWORD=$(< /dev/urandom tr -dc A-Za-z0-9 | head -c32)
 MTLS_TRUST_STORE_PATH=/var/vcap/jobs/credhub/config/mtls_trust_store.jks
 MTLS_CA_ALIAS=mtls_ca
 
 # UAA
 AUTH_SERVER_CA_CERT_FILE=/var/vcap/jobs/credhub/config/auth_server_ca_cert.crt
 AUTH_SERVER_TRUST_STORE_PATH=/var/vcap/jobs/credhub/config/auth_server_trust_store.jks
-AUTH_SERVER_TRUST_STORE_PASSWORD=$(< /dev/urandom tr -dc _A-Z-a-z-0-9 | head -c32)
+AUTH_SERVER_TRUST_STORE_PASSWORD=$(< /dev/urandom tr -dc A-Za-z0-9 | head -c32)
 AUTH_SERVER_CA_ALIAS_BASE=auth_server_ca
 
 sed -i "s/KEY_STORE_PASSWORD_PLACEHOLDER/${KEY_STORE_PASSWORD}/g" /var/vcap/jobs/credhub/config/application.yml