0

I am writing a script to generate VMware vcsa ssl certificate csr file and then print it out on screen.

Here is my code:

/usr/bin/expect << EOF

set timeout 300

spawn ssh -l root $Ip_Address

expect {
        "(yes/no)?" { send "yes\r"; exp_continue }
        "*?assword: " { send "$CommonPassword\r"; exp_continue}
        "Command>" {send "shell\r"; exp_continue}
        "#" {
                #delete the tmp certificate folder if already exist, and create the folder
                send "rm -rf /tmp/certs\r"
                send "mkdir /tmp/certs\r"

                set retVal 1
                send "/usr/lib/vmware-vmca/bin/certificate-manager\r"
                expect {
                        -re "Option.*8" {send "1\r";exp_continue}
                        -re "Enter username" {send "Administrator@vsphere.local\r";exp_continue}
                        -re "Enter password" {send "$CommonPassword\r";exp_continue}
                        -re "Option.*2" {send "1\r";exp_continue}
                        -re "Output directory path" {send "/tmp/certs\r";exp_continue}
                        -re "certool.cfg file exists, Do you wish to reconfigure" {send "y\r";exp_continue}
                        -re "Enter proper value for 'Country'" {send "$CRT_COUNTRY_NAME\r";exp_continue}
                        -re "Enter proper value for 'Name'" {send "$CRT_VCSA_CN\r";exp_continue}
                        -re "Enter proper value for 'Organization'" {send "$CRT_ORG_NAME\r";exp_continue}
                        -re "Enter proper value for 'OrgUnit'" {send "$CRT_ORG_UNIT_NAME\r";exp_continue}
                        -re "Enter proper value for 'State'" {send "$CRT_PROVINCE_NAME\r";exp_continue}
                        -re "Enter proper value for 'Locality'" {send "$CRT_CITY_NAME\r";exp_continue}
                        -re "Enter proper value for 'IPAddress'" {send "$Ip_Address\r";exp_continue}
                        -re "Enter proper value for 'Email'" {send "\r";exp_continue}
                        -re "Enter proper value for 'Hostname'" {send "$CRT_VCSA_ALT1,$CRT_VCSA_ALT2\r";exp_continue}
                        -re "Enter proper value for VMCA 'Name'" {send "$CRT_VCSA_CN\r";exp_continue}
                        -re "CSR generated at" {set retVal 0}
                        -re "Option.*2" {send "2\r"}
                }
        }

        timeout { exit 1 }
}

Now I would like to print the generated csr file content to screen. but I find it so difficult to achive in Expect shell. (I have to use expect shell because I need to remote ssh to the vcsa without prompting for password - automate the process)

The file is located at /tmp/certs/vmca_issued_csr.csr.

Any help would be very much appreciated.

Jerry

EdvardM
  • 2,934
  • 1
  • 21
  • 20
Jerry Jie
  • 1
  • 2
  • you can ssh in bash into remote shells without prompting for password with keygen. – john-jones Sep 27 '20 at 07:48
  • 1
    just `send "cat /tmp/certs/vmca_issued_csr.csr\r"` – sexpect - Expect for Shells Sep 27 '20 at 12:01
  • I tried that. but that didn't work. I did some research on it. the expect shell to "cat" a file needs to be like this: `send [exec cat /tmp/certs/vmca_issued_csr.csr]` that works for me ONLY when I don't don't use spawn ssh to remote host command, which means it works only locally. – Jerry Jie Sep 29 '20 at 17:15

0 Answers0