[QA-4212] generate root-CA/sub-CA/keystore/truststore, import to keystore/truststore;

[YipingXiongTG]

ssl_generate.sh

if command is empty：

1. generate root CA
   

2. generate keystore
   

3. generate truststore
   

4. generate subordinate CA
   

ssl_import.sh

1. import privateKey-ca pair to keystore
   

2. import certificate to truststore
   

[shuxiny]

--import_to_keystore import CA to keystore

Unlike truststore (which just need root-CA certificate), we need to import private-key and certificate-chain (bundled together) into keystore.

--gen_CARoot generate CA and private key
private-key -> its' private-key, "private key" has many occurrences. It would be nice to explictly say this private key is about the root CA.

[shuxiny]

As to subordninate CA generation, it does not have to be signed by root-CA. In the case of multiple intermediate CA, the subordinate CA is signed by supervior CA, which isn't not necessarilly root-CA.

Overall the interface LGTM.

[dadongwang-tg]

ssl_generate.sh: only generate CA (root, sub), key-store, or trust store
ssl_import.sh: only import key/trust store

[dadongwang-tg]

if user don't provide any options, it is default behavior as below:
(1) ./ssl_generate.sh
<==>
./ssl_generate.sh --gen_CARoot --gen_keystore --gen_truststore

(2) ./ssl_generate.sh --CN <DN name>
./ssl_generate.sh --gen_CARoot --CN <DN name> --gen_keystore --gen_truststore

[dadongwang-tg]

add one more file ssl_generate_import_examples.sh:
e.g. 1. [WARN] clean up, ...
step 1. ./ssl_generate.sh
step 2. ./ssl_import.sh from default SSL_files
[step 3. check the outputs ]

e.g. 2, ....