dname="CN=foo.bar.com,OU=DRE,O=HZ,L=Foo,S=Bar,C=US"

# Create server certificate/keystore
keytool -genkey -alias server1 -keyalg RSA -keypass password -keystore server1.keystore -storepass password -validity 3600 -dname $dname
keytool -export -alias server1 -file server1.cer -keystore server1.keystore -storepass password
keytool -genkey -alias server2 -keyalg RSA -keypass password -keystore server2.keystore -storepass password -validity 3600 -dname $dname
keytool -export -alias server2 -file server2.cer -keystore server2.keystore -storepass password

# Create client certificate/keystore
keytool -genkey -alias client1 -keyalg RSA -keypass password -keystore client1.keystore -storepass password -validity 3600 -dname $dname
keytool -export -alias client1 -file client1.cer -keystore client1.keystore -storepass password
keytool -genkey -alias client2 -keyalg RSA -keypass password -keystore client2.keystore -storepass password -validity 3600 -dname $dname
keytool -export -alias client2 -file client2.cer -keystore client2.keystore -storepass password

mkdir client1_knows_server1
cp client1.keystore client1_knows_server1
keytool -noprompt -import -v -alias server1 -keypass password -file server1.cer -keystore client1_knows_server1/client1.truststore -storepass password

mkdir client1_knows_server2
cp client1.keystore client1_knows_server2
keytool -noprompt -import -v  -alias server1 -keypass password -file server2.cer -keystore client1_knows_server2/client1.truststore -storepass password

mkdir client1_knows_noone
cp client1.keystore client1_knows_noone

mkdir client2_knows_server1
cp client2.keystore client2_knows_server1
keytool -noprompt -import -v  -alias server1 -keypass password -file server1.cer -keystore client2_knows_server1/client2.truststore -storepass password

mkdir anonymous_client1_knows_server1
keytool -noprompt -import -v  -alias server1 -keypass password -file server1.cer -keystore anonymous_client1_knows_server1/client1.truststore -storepass password

mkdir server1_knows_client1
cp server1.keystore server1_knows_client1
keytool -noprompt -import -v   -alias client1 -keypass password -file client1.cer -keystore server1_knows_client1/server1.truststore -storepass password

mkdir server1_knows_noone
cp server1.keystore server1_knows_noone
