diff --git a/ssl-config/src/test/resources/certSetup.sh b/ssl-config/src/test/resources/certSetup.sh new file mode 100755 index 000000000..ceb96df77 --- /dev/null +++ b/ssl-config/src/test/resources/certSetup.sh @@ -0,0 +1,307 @@ +#!/bin/bash +# +# Copyright 2016 Palantir Technologies +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +# CA values +CA="testCA" +CA_CN="Test CA" + +# file name constants +TRUST_STORE_SUFFIX="TrustStore" +KEY_STORE_SUFFIX="KeyStore" + +# file extensions +PRIVATE_KEY_EXT="key" +SIGNED_CERT_EXT="crt" +CSR_EXT="csr" +P12_EXT="p12" +JKS_EXT="jks" +PEM_EXT="pem" +CONFIG_EXT="cnf" + +# passes arguments to 'echo' if $VERBOSE is true. +# Otherwise, is a no-op. +log() { + if [[ $VERBOSE -eq 1 ]]; then + echo "$@" + fi +} + +mkdir_check_force() { + local dir=$1 + + if [ -d "$dir" ]; then + if [ $FORCE -eq 1 ]; then + rm -rf "$dir" + else + echo "Error: directory $dir already exists. Use -f flag to overwrite." + exit + fi + fi + + mkdir "$dir" +} + +check_return_value() { + if [ $? -ne 0 ]; then + # if in verbose mode, echo newline to ensure + # that error appears on its own line + if [[ $VERBOSE -eq 1 ]]; then + echo -e "\n" + fi + echo "Error: $1 failed" + exit + fi +} + +create_ca() { + # create directory for CA files + mkdir_check_force "$CA" + cd "$CA" + + # create CA private key + log -n "Creating CA private key..." + openssl genrsa -out "$CA".key 2048 \ + &>/dev/null + check_return_value "openssl genrsa" + log "done" + + # create self-signed certificate for CA + log -n "Creating self-signed certificate for CA..." + openssl req -x509 -new -nodes \ + -key "$CA"."$PRIVATE_KEY_EXT" -sha256 -days 1024 \ + -out "$CA"."$SIGNED_CERT_EXT" \ + -subj "/C=US/ST=CA/L=Palo Alto/O=Test Org/OU=Test OU/CN=$CA_CN" \ + &>/dev/null + check_return_value "openssl req -x509" + log "done" + + # create PKCS12 trust store that contains CA certificate (no password) + log -n "Creating PKCS12 trust store that contains CA certificate..." + openssl pkcs12 -export -nokeys \ + -in "$CA"."$SIGNED_CERT_EXT" \ + -out "$CA""$TRUST_STORE_SUFFIX"."$P12_EXT" -passout pass: \ + &>/dev/null + check_return_value "openssl pkcs12 -export" + log "done" + + # create JKS trust store that contains CA certificate. JKS stores require a password + # (even though the password is not needed to read certificates from a JKS), so a + # default password of "changeit" is specified. + log -n "Creating JKS trust store that contains CA certificate..." + keytool -noprompt -import \ + -file "$CA"."$SIGNED_CERT_EXT" \ + -alias "$CA" \ + -keystore "$CA""$TRUST_STORE_SUFFIX"."$JKS_EXT" -storepass changeit \ + &>/dev/null + check_return_value "keytool -import" + log "done" + + # restore original working directory + cd $OLDPWD +} + +create_keys() { + local keyName=$1 + local commonName=$2 + local p12Pass=$3 + local jksPass=$4 + + # create directory for keys + mkdir_check_force "$keyName" + cd "$keyName" + + # create requested private key + log -n "Creating private key..." + openssl genrsa -out "$keyName"."$PRIVATE_KEY_EXT" 2048 \ + &>/dev/null + check_return_value "openssl genrsa" + log "done" + + # create CSR for private key + log -n "Creating CSR for private key..." + openssl req -new -key "$keyName"."$PRIVATE_KEY_EXT" \ + -out "$keyName"."$CSR_EXT" \ + -subj "/C=US/ST=CA/L=Palo Alto/O=Test Org/OU=Test OU/CN=$commonName" \ + &>/dev/null + check_return_value "openssl req -new -key" + log "done" + + # create certificate for private key that is signed by the CA + log -n "Creating certificate for private key that is signed by the CA..." + openssl x509 -req \ + -in "$keyName"."$CSR_EXT" \ + -CA ../"$CA"/"$CA"."$SIGNED_CERT_EXT" \ + -CAkey ../"$CA"/"$CA"."$PRIVATE_KEY_EXT" -CAcreateserial \ + -out "$keyName"."$SIGNED_CERT_EXT" \ + -days 500 -sha256 \ + &>/dev/null + check_return_value "openssl x509 -req" + log "done" + + local keyWithCert="$keyName_keyWithCert" + + # create single PEM file with certificate and private key + log -n "Creating single PEM file with certificate and private key..." + cat "$keyName"."$PRIVATE_KEY_EXT" \ + "$keyName"."$SIGNED_CERT_EXT" \ + > "$keyWithCert"."$PEM_EXT" + log "done" + + # convert PEM to password-protected PKCS12 file. $keyName is used as + # the alias for the certificate and key entry. + log -n "Converting PEM to password-protected PKCS12 file..." + openssl pkcs12 -export \ + -password pass:"$p12Pass" \ + -in "$keyWithCert"."$PEM_EXT" \ + -out "$keyName""$KEY_STORE_SUFFIX"."$P12_EXT" \ + -name "$keyName" \ + -noiter -nomaciter \ + &>/dev/null + check_return_value "openssl pkcs12 -export" + log "done" + + # convert PKCS12 to JKS. Specified JKS password is used as the password + # for both the keystore and the private key + log -n "Converting PKCS12 to JKS..." + keytool -noprompt -importkeystore \ + -srckeystore "$keyName""$KEY_STORE_SUFFIX"."$P12_EXT" -srcstoretype PKCS12 \ + -srcstorepass "$p12Pass" \ + -srcalias "$keyName" \ + -destkeystore "$keyName""$KEY_STORE_SUFFIX"."$JKS_EXT" -deststoretype JKS \ + -deststorepass "$jksPass" \ + -destalias "$keyName" \ + -destkeypass "$jksPass" \ + &>/dev/null + check_return_value "keytool -importkeystore" + + # clean up temporary files + rm .pem .srl + + log "done" + + # restore original working directory + cd $OLDPWD +} + +create_combined_jks() { + local first_store_name=$1 + local first_store_pass=$2 + local second_store_name=$3 + local second_store_pass=$4 + + log -n "Creating combined JKS..." + keytool -noprompt -importkeystore \ + -srckeystore "$first_store_name"/"$first_store_name""$KEY_STORE_SUFFIX"."$JKS_EXT" \ + -srcstorepass "$first_store_pass" \ + -srcalias "$first_store_name" \ + -destkeystore multiple."$JKS_EXT" \ + -deststorepass multiple \ + -destkeypass multiple \ + &>/dev/null + check_return_value "keytool -importkeystore" + + keytool -noprompt -importkeystore \ + -srckeystore "$second_store_name"/"$second_store_name""$KEY_STORE_SUFFIX"."$JKS_EXT" \ + -srcstorepass "$second_store_pass" \ + -srcalias "$second_store_name" \ + -destkeystore multiple."$JKS_EXT" \ + -deststorepass multiple \ + -destkeypass multiple \ + &>/dev/null + check_return_value "keytool -importkeystore" + log "done" +} + +create_crl() { + # CRL command requires a configuration file. + # Provide content for minimal CA config. + local crlConf='[ ca ] +default_ca = CA_default +[ CA_default ] +dir = ./crlCA +database = $dir/index.txt +crlnumber = $dir/crlnumber +default_crl_days = 30 +default_md = sha1' + + log -n "Creating empty CRL..." + + # create temporary directory for CRL operations. + # Variable is intentionally global so that 'trap' + # call can read the value on exit. + crlTempDir=`mktemp -d -t crlTempDir` + # clean up temporary directory on script termination + trap 'rm -rf "$crlTempDir"' EXIT + + # set working directory to temp directory + cd $crlTempDir + + # write config to file + echo "$crlConf" > crlConf."$CONFIG_EXT" + + # create expected supporting files + mkdir crlCA + touch crlCA/index.txt + echo 01 > crlCA/crlnumber + + # generate empty CRL + openssl ca -gencrl \ + -config crlConf."$CONFIG_EXT" \ + -keyfile $OLDPWD/"$CA"/"$CA"."$PRIVATE_KEY_EXT" \ + -cert $OLDPWD/"$CA"/"$CA"."$SIGNED_CERT_EXT" \ + -out $OLDPWD/crl."$PEM_EXT" \ + &>/dev/null + check_return_value "openssl ca -gencrl" + + # restore original working directory + cd $OLDPWD + + log "done" +} + +# parse command-line options +VERBOSE=0 +FORCE=0 +while getopts ":vf" opt; do + case $opt in + f) + FORCE=1 + ;; + v) + VERBOSE=1 + ;; + \?) + echo "Invalid option: -$OPTARG" >&2 + exit + ;; + esac +done + +# create CA +create_ca + +# create keys for server +create_keys testServer localhost testServer serverStore + +# create keys for client +create_keys testClient localhost testClient clientStore + +# create combined JKS +create_combined_jks testServer serverStore testClient clientStore + +# create empty crl +create_crl diff --git a/ssl-config/src/test/resources/crl.pem b/ssl-config/src/test/resources/crl.pem index 52fb42f4c..4c2051468 100644 --- a/ssl-config/src/test/resources/crl.pem +++ b/ssl-config/src/test/resources/crl.pem @@ -1,12 +1,12 @@ -----BEGIN X509 CRL----- MIIBvjCBpwIBATANBgkqhkiG9w0BAQUFADBlMQswCQYDVQQGEwJVUzELMAkGA1UE CBMCQ0ExEjAQBgNVBAcTCVBhbG8gQWx0bzERMA8GA1UEChMIVGVzdCBPcmcxEDAO -BgNVBAsTB1Rlc3QgT1UxEDAOBgNVBAMTB1Rlc3QgQ0EXDTE2MDIxNjA0NDUyMFoX -DTE2MDMxNzA0NDUyMFqgDjAMMAoGA1UdFAQDAgEBMA0GCSqGSIb3DQEBBQUAA4IB -AQAzpzIklNa/XutmGhh3CyCdMysklhMLJeibppH5M8oNpoONMHPk1UWndbpYWGbV -xPziE9JQb8aw5GbZH/6ZBSGLO6D+My6NJvJGfv4gm8w8rW4bGNf/nyf+O+5cu3lu -vsYp8zkjLscLfK8a1D/36/6EWlpNGZl5cya+5TIWy58xhI8YWct7zSuV16SgbVKe -bGyIqY3PfRvE+oVDtnh4pVKtVrwsp0piH/hyD9NFz6G8vPz4+K+FoAQwxJClb5uq -hJaQiBCZ0zBgQnQpirMz8BCyCiKhqJrOPidYnVyKYs/JlArj2la5SNgUbu1Nonc5 -V6GzAEso28/hZa+0Dvb/maah +BgNVBAsTB1Rlc3QgT1UxEDAOBgNVBAMTB1Rlc3QgQ0EXDTE2MDIyMjA1NDU1MFoX +DTE2MDMyMzA1NDU1MFqgDjAMMAoGA1UdFAQDAgEBMA0GCSqGSIb3DQEBBQUAA4IB +AQBtU0O1SK6nG/v536SOoGqKFT0dEdhdVN4jMD1LPd1rgSef53QHvjTzrXUjaNz4 +7hjySiAfAAkUTZqTdGOVJ/rt073UtYeZ1hTBvs3R5eUz6x/OwT86oLqXyI3hLaqS +/gVYr5hddGAfbNcR8P+rouJrIt4enn8GIi4wh0gFOL5crKnH/FvWLxrmP2WWz5kv +wHV5s54zscEHlFpICqcpOmKoj1sA4W27Eoi22TeL4DzX6IQf0+eh/YKuFjmvGrlx +BtDJgeZT3rzoxzgckTg6kM2uK9crZ+tgYpZRbWIV5gCwwLZ0uYvi1v1YfHbpfuLQ +eK+fkPP5zJyoh2fFfYPgiuqL -----END X509 CRL----- diff --git a/ssl-config/src/test/resources/multiple.jks b/ssl-config/src/test/resources/multiple.jks index 7b18e8805..ef641f4e0 100644 Binary files a/ssl-config/src/test/resources/multiple.jks and b/ssl-config/src/test/resources/multiple.jks differ diff --git a/ssl-config/src/test/resources/readme.md b/ssl-config/src/test/resources/readme.md index e35ba33ea..1b535ee2e 100644 --- a/ssl-config/src/test/resources/readme.md +++ b/ssl-config/src/test/resources/readme.md @@ -2,22 +2,25 @@ This directory contains certificates and keys in various formats that are used to test the package. +The script `certSetup.sh` can be run to generate all of the files listed below. + ## Test CA The certificate authority for this set of test certificates. ### Raw files -File | Type | Format | Password | Signed By | Common Name ----- | ---- | ------ | -------- | --------- | ----------- -testCA/testCA.key | Private key | PEM | testtest | | -testCA/testCA.pem | Certificate | PEM | | rootCA.key (self-signed) | Test CA +File | Type | Format | Signed By | Common Name +---- | ---- | ------ | ----------- | +testCA/testCA.key | Private key | PEM | | +testCA/testCA.crt | Certificate | PEM | rootCA.key (self-signed) | Test CA ### Stores File | Contents | Alias | Format | Password ---- | -------- | ----- | ------ | -------- -testCA/testCATrustStore.jks | testCA.pem | testCA | PEM | testCA +testCA/testCATrustStore.p12 | testCA.crt | testCA | PEM | +testCA/testCATrustStore.jks | testCA.crt | testCA | PEM | changeit ## Test Server @@ -27,7 +30,7 @@ The key and certificate for the test server. The certificate is signed by the Te File | Type | Format | Password | Signed By | Common Name ---- | ---- | ------ | -------- | --------- | ----------- -testServer/testServer.key | Private key | PEM | | | +testServer/testServer.key | Private key | PEM | | | testServer/testServer.crt | Certificate | PEM | | rootCA.key | localhost ### Stores @@ -45,8 +48,8 @@ The key and certificate for the test client. The certificate is signed by the Te File | Type | Format | Password | Signed By | Common Name ---- | ---- | ------ | -------- | --------- | ----------- -testClient/testClient.key | Private key | PEM | | | -testClient/testClient.pem | Certificate | PEM | | rootCA.key | Test Client +testClient/testClient.key | Private key | PEM | | | +testClient/testClient.crt | Certificate | PEM | | rootCA.key | Test Client ### Stores diff --git a/ssl-config/src/test/resources/testCA/testCA.crt b/ssl-config/src/test/resources/testCA/testCA.crt new file mode 100644 index 000000000..adc5bff79 --- /dev/null +++ b/ssl-config/src/test/resources/testCA/testCA.crt @@ -0,0 +1,24 @@ +-----BEGIN CERTIFICATE----- +MIIEGDCCAwCgAwIBAgIJAP5xMVV9BIecMA0GCSqGSIb3DQEBCwUAMGUxCzAJBgNV +BAYTAlVTMQswCQYDVQQIEwJDQTESMBAGA1UEBxMJUGFsbyBBbHRvMREwDwYDVQQK +EwhUZXN0IE9yZzEQMA4GA1UECxMHVGVzdCBPVTEQMA4GA1UEAxMHVGVzdCBDQTAe +Fw0xNjAyMjIwNTQ1NDhaFw0xODEyMTIwNTQ1NDhaMGUxCzAJBgNVBAYTAlVTMQsw +CQYDVQQIEwJDQTESMBAGA1UEBxMJUGFsbyBBbHRvMREwDwYDVQQKEwhUZXN0IE9y +ZzEQMA4GA1UECxMHVGVzdCBPVTEQMA4GA1UEAxMHVGVzdCBDQTCCASIwDQYJKoZI +hvcNAQEBBQADggEPADCCAQoCggEBALqy1Z/E+8jYQ04J+tSbAtQ6QEBUZ6onnC4s +w7mFbpaqjL1efVipGkAvnoe8yMM3PD0ktLgm5kmjZfpEeKKUtO/rHWXVamcxqVOG +mV0tzQPMScbL/tqtpRdysNwG0dauGb42vOf4bYHoV6uZ5DIqdD+pg9EFawvx7efy +/kOfyHYZmak7XjNhkl6dC4VR9KUTnKen/7srv6kXhZ+IffTIRMsxR9kixLIxJs3u +u456GKbuZ4BVLgS+8fXV2qeVU+38ky6HH4MrCOEYDfOJRZMfDE4R/zsSaz+ZERwL ++BZwvzM8MweRlmG08SlQeoqmAj/nQ9wsX1RSrh1Aaed6ayMZ2tECAwEAAaOByjCB +xzAdBgNVHQ4EFgQUAZzI13s+J04OzD5LaWsuOySqMTcwgZcGA1UdIwSBjzCBjIAU +AZzI13s+J04OzD5LaWsuOySqMTehaaRnMGUxCzAJBgNVBAYTAlVTMQswCQYDVQQI +EwJDQTESMBAGA1UEBxMJUGFsbyBBbHRvMREwDwYDVQQKEwhUZXN0IE9yZzEQMA4G +A1UECxMHVGVzdCBPVTEQMA4GA1UEAxMHVGVzdCBDQYIJAP5xMVV9BIecMAwGA1Ud +EwQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAFWhFWRWp3HFnmvmJ52xqICmyQzK +UiCAaDPvslMo0ems7oLA0gUI0DnT+CPnwJvM6FvFMqwBSkzShSMqj3ddecCWA1Q7 +btyEKn0FnW2ppwjW9MpUKG32AH98y+7A+ZrZaRATCfAmhEUQQCJ3PSSI8+OA6otN +yH8zkuVoNKtDxdt/eie04xoYkwRwcR+Slt+QkAYYBVqV2IA0cH1BYyQZ156uUvAi +79IWs+ERMBX4u7/xA6yXhIitwCDkM3h5Ii4dcGvzj1DqnccABkd5P4ZCVEh88hO+ +UTwaO95tFlQzPVMz1mvHIwpLG0WmRyBM0ClQNQzvoNnkDTRtaPmMezwQx4g= +-----END CERTIFICATE----- diff --git a/ssl-config/src/test/resources/testCA/testCA.key b/ssl-config/src/test/resources/testCA/testCA.key index 550bf69f8..213988094 100644 --- a/ssl-config/src/test/resources/testCA/testCA.key +++ b/ssl-config/src/test/resources/testCA/testCA.key @@ -1,30 +1,27 @@ -----BEGIN RSA PRIVATE KEY----- -Proc-Type: 4,ENCRYPTED -DEK-Info: DES-EDE3-CBC,679F1523EB85091A - -67lp5ZrBn1oiqoPMWsE/ufx98cpQ1HWeEhTEnRON6AByQbpXvbpHp9uo6dGDyzJt -jxFBEaWJPnXeKSoHRve91W/JfnOCGUKH5b77T971FlUSwS/69/mdJBWkZc2kKb96 -SHQ1af7s6w69n0gQTlnfXdnpqZXXPaIHOgeoqPXVJahhV+tx33b1A9nnww8WDpNb -VO8etb79o+KC+0guLggO1r4HHOrMCOe/zjd7m6O0lVdajNzSuZdbq3RQBTtc1qBk -nF+1QDwbm07iR78577mwD4DAtpCuKHACgN/WCNmnouh4jYmeF8f1uIVyx/RGXaWM -y1GCDly0m/8hDkyL1GaaeC0wR+5auiU53v6aBo80/AkG0hBipgSvMIi5B/HRAwma -Oi603ZTG2K0VTkQnwr+GCMmgVskERGyZAg8eC8QDJukdEWcWdyBHN2hl3hldokRi -qWNyzvo8b38g0bBMlYNxCYE0d53qUNHejyF6RZBC2Igl8rpB6Tgd04pS8Nmp+cHr -dMnrgvvJdtP+M44G7/+ooWEtYZrDghlFqg/dyDi39bBVQ/y09X8mhNjsfSNkvGKK -Rv91QoB+GSd7uWL7ChiMpqsIim4mK611+vMSp/Q288iNtITDpU5PLkq+GKSNZN1B -RvK9zEsJyX45cWECUoHf9nAXi1XJ9Cycp+HQDiLpSw8v7IiWtxXXd2TWQLgufCFL -d3qLPjBZFOCYVYK9v6OpxU9AF4mnNBb2FfBXD5GaByNpC1cuLb9XGLtC7IdBtiXT -e6pIbDLoT/TE1fqc+N5F9IEhmZI5pWN2W8eFv3q1yR//ndEnnTbTItlTj1oqD9DC -n+egac6SsXCB8mhbJzhRl3hh0Sh86BhxjZBm0FjHVAtmSOOAIXozVsH3BK9OAhy1 -DpO7CsgmoUm6Ho/EZzAZmlmF0EAdkzYGhp7iurAtOMBP3nKLu08RzLvq0gsxvfqG -G66PblJC1TQREbuNnhwU9YFkkezPXNW9rrdk57aVTFYlNsVW2590wbrjnpJZk62k -AUx2vlE6L7fJoIsOweMTI8G6BoIjU6pW15SYEU13NzIgrZ5vqi+b5t6N4tLLVxwq -q1lufK0hzxatC5xqJlRbD2O7t3vgsiGH8dCNDwG5BP3fXrRFgIYAHctm1uBWJCxg -4ux+ii5KjlgnM9mrejhCrRl6Tc2zqNjRdz5FyiHlzy26jzYOdXgvZ5nPyLVuTnQj -3DLLo+fqfsZ+rDnxPrBVumSsYsRM9MFGS3BuBj60Bjba7RPHU7sm/rsskKVvQ7WJ -CIcHo9mPl46olDo2AwgTsLOlWclDubi1xrIGGJZycOvhGH8R6JG8e9Xvw7e7msVz -5MMJRPbMU+rRqwcZZb2RctWWUOmCLvYNF45b7dKxkoCjRwR+cMfeZvpzwDFXu5HB -bv3yIRtQ6PPX2qFbA3mkRTDWhUlRcci7WtKpw/01II/YrzLYbrF1Q7CLj4UZuUyW -ykN0wB1MYJ9cDsuvcDc/qjfIpfBZkNsv6vWXK44Ooa8LC9UuKFl3TjPj1VZ9vdmF -IUfO/8c3iC4IvPI19Rx2w86grynQiUUbQ0WiOucNcQgDlRfM+KTS82FU6OT0ULeT +MIIEowIBAAKCAQEAurLVn8T7yNhDTgn61JsC1DpAQFRnqiecLizDuYVulqqMvV59 +WKkaQC+eh7zIwzc8PSS0uCbmSaNl+kR4opS07+sdZdVqZzGpU4aZXS3NA8xJxsv+ +2q2lF3Kw3AbR1q4Zvja85/htgehXq5nkMip0P6mD0QVrC/Ht5/L+Q5/IdhmZqTte +M2GSXp0LhVH0pROcp6f/uyu/qReFn4h99MhEyzFH2SLEsjEmze67jnoYpu5ngFUu +BL7x9dXap5VT7fyTLocfgysI4RgN84lFkx8MThH/OxJrP5kRHAv4FnC/MzwzB5GW +YbTxKVB6iqYCP+dD3CxfVFKuHUBp53prIxna0QIDAQABAoIBAHfzEiEWNBZ0K7nl +24vhE846prEuCXRfAo8AH7gALG8MoGPCY5IlA0Kd1aKr/ei+gitee+WcyHQjUQ+c +Ek2ScTV7v2V/2l72ny2U2s/s7z0zcWsSAWmKCvmnrE2Q7Bybutpk3LXE/MZr+ne7 +5cr9T7bfOFuAuafxBcLycb4M2IRXD8CWSn+AoOZOJMxc5Hjv4WcWhfkyA+yQZZ13 +o3PtuY9ogk+JFhzdsc7qvB8gBUrd1HDcrf8vv8DOzUIymFjemlWyZm8HhCB5WHDo +d3ejAedkcj2wUjvLk7XlXvGT3LyUpLbpKKYS4BsNUQyniXyOi1rZFSnlR0+4uW6r +ydv95oECgYEA83BU0KRzig/iJ6uiZ9vqzq+CtDAfO4GUW9ZNMXzIws6F1wOsos/Q +veqoDh9O21EYLD2okDJYh5SGrXRZvCoPCJHGlzdaRNMHZNwXr+rLBVAbAW1LHuu3 +29DoIrKfiCgtYYh1ad+Ei5IiubR01giTkiztZoC1f++6l6fHj1QVlQkCgYEAxFUA +aQT4XabCs7shTLeGitRJc6wTL2WouUW6YyADzaNnflrxb0s1EXFrsp18E0gHVkA/ +Z3sIlb0QTEMmnSfHPjLJh6SbR7JlSX1ixY3m8dTjDTWeouR5EAbnozNhQghvZUoO +w6jMnM7+44p4MnpTwWLz6/SjJLxZ9DPfNtzLkYkCgYAc3KKRog24vq1XerfkjGRI +YPKkHlh1m6VVRhEc3uiGgCnKFjtviif7fEi0c+3Lfs/Y3u6POgjY+jkFc5f4ARyL +LY1X/E4Nft+Pi7CbQMEVPiwVfTm8zsGbpCcBhh/36puGxsD07nUufwLy9XwsrBOi +7wSudHAQXQHIXTIBwjxU0QKBgGE3Abv+tQiSYUhjuYpmOZ2WnkRDiUBn4xLSXwdk +O93gMofTekc0gzN+6OgJqP1XJiLkL0ELH+YdNuu8OGuK3dKDjVy3+heXUyX/ix/t +MtS+KCtLSKC55uQztxENiPQMfzQ1ZnglpiNjL7z1vKyp+7z/RW6ptPqktRoBcV6W +F8qZAoGBAK+cKvpzMzq5oQSSiZwjsm1nCQ+pbBQl+YUUqJoet56ND0yhbCVWJhYG +H/T2pJYednud2f1LxXeoWV3q39OhNdyYWAW+sWeyxAuUUj5DKBzDPCSdc0mzVDKq +Is3YrFlDgnQ/S8koFUkb/6lmBlBVWeBSHzHDh7Y6fZsoZasOm7cA -----END RSA PRIVATE KEY----- diff --git a/ssl-config/src/test/resources/testCA/testCA.pem b/ssl-config/src/test/resources/testCA/testCA.pem deleted file mode 100644 index 5779f6bf1..000000000 --- a/ssl-config/src/test/resources/testCA/testCA.pem +++ /dev/null @@ -1,24 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIEGDCCAwCgAwIBAgIJAN5pb4cXcgx9MA0GCSqGSIb3DQEBCwUAMGUxCzAJBgNV -BAYTAlVTMQswCQYDVQQIEwJDQTESMBAGA1UEBxMJUGFsbyBBbHRvMREwDwYDVQQK -EwhUZXN0IE9yZzEQMA4GA1UECxMHVGVzdCBPVTEQMA4GA1UEAxMHVGVzdCBDQTAe -Fw0xNjAyMDYyMTE1MTZaFw0xODExMjYyMTE1MTZaMGUxCzAJBgNVBAYTAlVTMQsw -CQYDVQQIEwJDQTESMBAGA1UEBxMJUGFsbyBBbHRvMREwDwYDVQQKEwhUZXN0IE9y -ZzEQMA4GA1UECxMHVGVzdCBPVTEQMA4GA1UEAxMHVGVzdCBDQTCCASIwDQYJKoZI -hvcNAQEBBQADggEPADCCAQoCggEBAL0q354TLR3Kd9fTeq2q2aZO0DFG9pwb627D -90pqnF9qkavgH0LurbKvhNI45kXe3z6LpIFV23DGkxPm+D0sO+JT2S+vd1CZPlYN -s9ntx4TEIAoyWMZ7sfVeGVB981X5EcPMQJmBwC+jlsqrckJoxAhxIn8mlEpJACqQ -SdmM9F5ggR61di3S0jCvJs0k+ZOxKTlP0UbT2kK7IzVMPzp5wpskXQrWPNIrxliZ -iP+WFCU7CJ+JhuPg3uaKhfwl6QV6Y6mS06PYaGxgqpkt2+0ejNabum5d/EDydeJp -fSW9ViMwLBWLgWjUt8KdXLwJ8jG6GeEu23r825PRs61wVPs0BZsCAwEAAaOByjCB -xzAdBgNVHQ4EFgQUJcooM0JOdJ0jgLHMTNJt8wpqteowgZcGA1UdIwSBjzCBjIAU -JcooM0JOdJ0jgLHMTNJt8wpqteqhaaRnMGUxCzAJBgNVBAYTAlVTMQswCQYDVQQI -EwJDQTESMBAGA1UEBxMJUGFsbyBBbHRvMREwDwYDVQQKEwhUZXN0IE9yZzEQMA4G -A1UECxMHVGVzdCBPVTEQMA4GA1UEAxMHVGVzdCBDQYIJAN5pb4cXcgx9MAwGA1Ud -EwQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBABx8+HS2pu1n0H9HJbpsI5ITW4cP -8QI10U1I7I0Jm/fKnDDuB32eom5+81v4fKnGkHY1o60uJmKLHx6DLQbnvFO47xs/ -R23QjfZOrpTdQaiomIesbRi525wuPwa4FLYb3W0WjbdQF39OyrtA2CsBweCOtylQ -OnOqGpHOSpH32Mo/AVEa7Qe74r08CaAT/nNx4QeoXOABxuxUq0tdz5e3KhFJe6fe -riWXI/3dYL8Hk8LD/DI/do9dF+OdbiIJ4e5Cpro32ADm1w9RcBvd+VAHnFPNLniW -bsaZN+dSJbzipAM5DAeADUsaD0jcus//6MWJQOoWvpuziRsIp6qJ8m77tQ0= ------END CERTIFICATE----- diff --git a/ssl-config/src/test/resources/testCA/testCA.srl b/ssl-config/src/test/resources/testCA/testCA.srl deleted file mode 100644 index 95f3160a8..000000000 --- a/ssl-config/src/test/resources/testCA/testCA.srl +++ /dev/null @@ -1 +0,0 @@ -B377042AF375D476 diff --git a/ssl-config/src/test/resources/testCA/testCATrustStore.jks b/ssl-config/src/test/resources/testCA/testCATrustStore.jks index a6bfd7691..3aa4cf112 100644 Binary files a/ssl-config/src/test/resources/testCA/testCATrustStore.jks and b/ssl-config/src/test/resources/testCA/testCATrustStore.jks differ diff --git a/ssl-config/src/test/resources/testCA/testCATrustStore.p12 b/ssl-config/src/test/resources/testCA/testCATrustStore.p12 new file mode 100644 index 000000000..61f9fafe8 Binary files /dev/null and b/ssl-config/src/test/resources/testCA/testCATrustStore.p12 differ diff --git a/ssl-config/src/test/resources/testClient/testClient.crt b/ssl-config/src/test/resources/testClient/testClient.crt index cdaa61a70..a14637517 100644 --- a/ssl-config/src/test/resources/testClient/testClient.crt +++ b/ssl-config/src/test/resources/testClient/testClient.crt @@ -1,20 +1,20 @@ -----BEGIN CERTIFICATE----- -MIIDSjCCAjICCQDTZWh5kP5kJDANBgkqhkiG9w0BAQsFADBlMQswCQYDVQQGEwJV +MIIDSDCCAjACCQC+E1PVWyOpgjANBgkqhkiG9w0BAQsFADBlMQswCQYDVQQGEwJV UzELMAkGA1UECBMCQ0ExEjAQBgNVBAcTCVBhbG8gQWx0bzERMA8GA1UEChMIVGVz dCBPcmcxEDAOBgNVBAsTB1Rlc3QgT1UxEDAOBgNVBAMTB1Rlc3QgQ0EwHhcNMTYw -MjA2MjEyMjU4WhcNMTcwNjIwMjEyMjU4WjBpMQswCQYDVQQGEwJVUzELMAkGA1UE +MjIyMDU0NTQ5WhcNMTcwNzA2MDU0NTQ5WjBnMQswCQYDVQQGEwJVUzELMAkGA1UE CBMCQ0ExEjAQBgNVBAcTCVBhbG8gQWx0bzERMA8GA1UEChMIVGVzdCBPcmcxEDAO -BgNVBAsTB1Rlc3QgT1UxFDASBgNVBAMTC1Rlc3QgQ2xpZW50MIIBIjANBgkqhkiG -9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoo4dVHqodg8Q+2RPEPKiyS9E7neQcB2KI60G -2ecWwb1fPq2zA3N9QevtuH1OiPB/7QbeLO+t7NP6JTB6Vxs/EKrU6HnvYzFO2Z+S -/FfAQ/qdlgMdJpOfq5OegIOqsUWx0cmYqvLZ/mX7FRIIoTYqatGJ6d/sBxwdNmhw -71pIMG1VrN9qLVP3b5BwPqtXMvIDfJIP8NzH0LE3iWFBT+WxzaCMjJ6rBCc7ZprM -jnUqZfjgiuwu6ENnzRgNgDPmsNbZuxDQKoq+3ag7M2QiSVn+fZ6TpHR/XPlbzrFT -p/sX5ZzTPLmO34AogwaTL6Bg6wkjZ/+QnBoUJL8DZJgA8w9yIwIDAQABMA0GCSqG -SIb3DQEBCwUAA4IBAQAd/3diqnUE+mxcNDe9CFrRQyFyXX5y/9qkvNkHwAcB2LEI -X/cylr3mbrBmBjRRrRKAMG9Eb/Y0as2Lu8zKepOOxkK/V8TN6/8MJNKK0d+mtkoU -+ix6CU9HIU0XdnhRpMhyc/XcMM08p5i8opfp+ebVbQzL8jjzc1Yt92xN3+O1TlQe -IlDuqaAqyPS0I00eeS+OBIllA9+DyeqZPNSDsfR2HnWx+MCAtdPa27aIX780wHIw -ncNVhcBEPnP8LYJYbQcyc0N38lGOkKAXVmZ1cH3Bihs6ed5e2Ea2hvSyTyr1yjJ2 -3sQ+W+b967LWOB8M8NgsynqxUqNxLS9ph2yQdqDb +BgNVBAsTB1Rlc3QgT1UxEjAQBgNVBAMTCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcN +AQEBBQADggEPADCCAQoCggEBAJoqfv0MZqWTUCv12+4rqsjgI8qZ0KEXbgpsKMUw +8tQhIOKGa8Gs05D287Rawwg1QU1isb3ezfjsJA8ZcknorA6mKXieqH7ATLSjNAuo +aF/ST6kCzLSTXY9EcZV42W/sWaLXoDchEDBkyFj7JfOboV7yhU2rLCpvpaWKwhGt +jOPvuFhMRkP7ZyP7EUYUEGGIOhDUUcOfu8/6OKVyJyUcNOF+mmB/3IOYrxn4CKY0 +N5b9umLUcFQVqpRj2mGTP5K6ASNLCYL9k+dLssRRZLTz3W/bn27J9zbjqhhDcQT8 +MGLBgGSewkVij8T6f+u6FSaG8LYMHNKF/DCVhZz8wp+TyAcCAwEAATANBgkqhkiG +9w0BAQsFAAOCAQEAm3SaRzQi1FqU/53V8w9BtR7uin6aldCkr1E+a3Z8+8Y5pG7J +hujV8jtWl0Z5d51+yI5Tlq4V5sigpo/+9lLWmAVvDOjfymh4QrZx9TLB2V36MKWz +DW4m6fGyXkgTZlul5wdRLxIZNKheh1eVE8UTxvPdxATKGHjOOsRrwlKMYWsjM9eU +y30IUjrZxT8RpWp6rh1IJjtgLdh15dAO8JFUpw+ETLnuxvECPhdM0IrwxbnzmHk3 +0PP1oCbwiD5FQSzdSJEFBgm7RbVosVSfG4MaJOiKoNJm0ulJQkO1bLIiQaNlCWAq +AEg/M/OZdFHWZDqQLQzswU/aym7NenK5knxj4Q== -----END CERTIFICATE----- diff --git a/ssl-config/src/test/resources/testClient/testClient.csr b/ssl-config/src/test/resources/testClient/testClient.csr new file mode 100644 index 000000000..0a7c3e0cb --- /dev/null +++ b/ssl-config/src/test/resources/testClient/testClient.csr @@ -0,0 +1,17 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIICrDCCAZQCAQAwZzELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMRIwEAYDVQQH +EwlQYWxvIEFsdG8xETAPBgNVBAoTCFRlc3QgT3JnMRAwDgYDVQQLEwdUZXN0IE9V +MRIwEAYDVQQDEwlsb2NhbGhvc3QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK +AoIBAQCaKn79DGalk1Ar9dvuK6rI4CPKmdChF24KbCjFMPLUISDihmvBrNOQ9vO0 +WsMINUFNYrG93s347CQPGXJJ6KwOpil4nqh+wEy0ozQLqGhf0k+pAsy0k12PRHGV +eNlv7Fmi16A3IRAwZMhY+yXzm6Fe8oVNqywqb6WlisIRrYzj77hYTEZD+2cj+xFG +FBBhiDoQ1FHDn7vP+jilciclHDThfppgf9yDmK8Z+AimNDeW/bpi1HBUFaqUY9ph +kz+SugEjSwmC/ZPnS7LEUWS0891v259uyfc246oYQ3EE/DBiwYBknsJFYo/E+n/r +uhUmhvC2DBzShfwwlYWc/MKfk8gHAgMBAAGgADANBgkqhkiG9w0BAQUFAAOCAQEA +hLY3u4DAwGa4sN1qCUWud07e5doyjzzTFgYFe0SJ2/qhSLJ2vI4/UbmgpLLmzpwM +VvRAxJDCGsxnIlt6VOSh1dtIqy4pwO+pYPqtNcgQZM2HrN8Ts6H3ZrsieFV97qcn +/bVpB/e+nIPxay6BwKWzbG0SVxK+dZ1piBbqi3cejKxWWbRPT7l/zxF8ZC22qVCp +1tR6CF+c0Zo8ZiNBEWvAhDHIrTbTILCyhF7G6neC55qzjyMebLqv2UwfAbOWaDT2 +mVbeI4XreCWaqCNR/xVo8K10zICM0xE7uFx8HVTis5u6VtbnVcOt72kXOlV0phki +Ddr2jk4MUeS+MzkPyVSwFQ== +-----END CERTIFICATE REQUEST----- diff --git a/ssl-config/src/test/resources/testClient/testClient.key b/ssl-config/src/test/resources/testClient/testClient.key index 70d7716c2..1a94441ed 100644 --- a/ssl-config/src/test/resources/testClient/testClient.key +++ b/ssl-config/src/test/resources/testClient/testClient.key @@ -1,27 +1,27 @@ -----BEGIN RSA PRIVATE KEY----- -MIIEowIBAAKCAQEAoo4dVHqodg8Q+2RPEPKiyS9E7neQcB2KI60G2ecWwb1fPq2z -A3N9QevtuH1OiPB/7QbeLO+t7NP6JTB6Vxs/EKrU6HnvYzFO2Z+S/FfAQ/qdlgMd -JpOfq5OegIOqsUWx0cmYqvLZ/mX7FRIIoTYqatGJ6d/sBxwdNmhw71pIMG1VrN9q -LVP3b5BwPqtXMvIDfJIP8NzH0LE3iWFBT+WxzaCMjJ6rBCc7ZprMjnUqZfjgiuwu -6ENnzRgNgDPmsNbZuxDQKoq+3ag7M2QiSVn+fZ6TpHR/XPlbzrFTp/sX5ZzTPLmO -34AogwaTL6Bg6wkjZ/+QnBoUJL8DZJgA8w9yIwIDAQABAoIBACK5mSpiyXnu3gHV -+83zBzNTFbabdA9/P/M/EyeZZhMdESuij4s9MJTUgYPXwN8gATPxM6UFznG5Fsa7 -BGd3OpGk7LZ81daqwd1baVrepAPhlahmIeQLxSAx+LobZmtYKBRYrHRYTJk7z9dA -cvd9SrJm8L81RoZ+Sv9EcFuxPZqaaXrbtJS4n7ioiO974iw/tSBSgIl1NaF7B+wD -icxyynccPHvMU7MJb4L6tfnQtDHNdvYO9iP/MNsHSEm7MdKO76fY/ucu+cXk/y6I -cSiaGbs+KLAJ82BSDN5EsZa0WaxhvDuiyu7zn9QKkru3DhZZWOzb06Syc8ObAZUe -OY0TnoECgYEAzJ0viAwUwQy3qIENtZbz1XUf+7YdeR+dtvUc3gPg9wZP0/STQnYp -g/dcWj1m+H4f6hgSa5z1hWjYMONrcHJDVJE6rLuoAACZ/uEnKnkTQbmAru+wc2R3 -+N8hJ32vkvqwS6ifaE6+woUzri67hsMSds8YjGMbIMYTw4FNtLAfudcCgYEAy2Dt -VWUssv+DnODtw/vsA+Xz9wvUrohlivugu/JC67/g5KATUSkbODtFmNpxHte5yjS3 -mfzML7x1DJNbaf9d8GnAXVvoSXQLgnlNpnWqdiid98GXOIvcuFxfBewpSAynU0Gd -ZSTSrrOc8AGXugVN368NCqZOYBh5auTBsP3w+JUCgYAWqD0wKm5N5jOcFBZJilqb -w2l0PPlMhUS4krHMn89Uaz2Bse5wiJcWRtjSIUR6tbSg/mNjyTCiwjZWS4iFHhH4 -llBR+kGjJm3m/FWS7W9Fct4eAOqgDHsAcuy/67n6Y4oMBrMIINgcwBU173TSel1c -DJiiSwMhAO4FUxcgr/QDZwKBgGdvVWVP/orO3u4Di4lYb7GP2yMzFijp39LupNHR -pW1m+gbszsZBRMG1i3Dw8AVCrBAF/bbIVkSU8WbC7wQax3kFH7ubiakJ5uylqvNU -9qv/fk/KWpF8uHXfLMjDUj99iAAU5+rP7oLBgLij5rnKBtATpGtdJ5FCAUZ3L3dH -v619AoGBAIAwVYLUeUXNPUFZctqI5x4DVxhpaNDUK4zyMp2rwqDRkjqCTqE337QF -bggJEXVzMgZm+h9N7ibdH2D+nL6NQfPwxGVf/DhmF5y0kFsug4fnxqktMhMvn8v9 -0azMyn2dqXrIHezFR8hRfZshb0jNoMMVUPymqWchBe+QQvjkLPLp +MIIEowIBAAKCAQEAmip+/QxmpZNQK/Xb7iuqyOAjypnQoRduCmwoxTDy1CEg4oZr +wazTkPbztFrDCDVBTWKxvd7N+OwkDxlySeisDqYpeJ6ofsBMtKM0C6hoX9JPqQLM +tJNdj0RxlXjZb+xZotegNyEQMGTIWPsl85uhXvKFTassKm+lpYrCEa2M4++4WExG +Q/tnI/sRRhQQYYg6ENRRw5+7z/o4pXInJRw04X6aYH/cg5ivGfgIpjQ3lv26YtRw +VBWqlGPaYZM/kroBI0sJgv2T50uyxFFktPPdb9ufbsn3NuOqGENxBPwwYsGAZJ7C +RWKPxPp/67oVJobwtgwc0oX8MJWFnPzCn5PIBwIDAQABAoIBAHHYJ+aeHb7vxihw +anS68mdcfZHDfHk5YB16ObFEsE1OGYauVSy0f5dxhg4NaDDLgumulCruOZQ0bXxp +AijqFQTMV5unLi5Lu1k5m9lwB4ObPxBD7P78Q/7kQCxtDcTE+Hx0Vu/fDqFuCzUK +YcA/kS8YULBGU1sTD3Prv9xmGMDIxA/B9fN3z0FL20Hi+tnsFxetDyZ6xdTs7FBX +C7WwzTlTPvfX987Uw0e7EEr+BaQovLnZeyitbQhNqOUNnsYbm5J/rfPyP0+Al0nA +T28cK1aEe0rq6J7/pDeIWlzvLQdmSOgZMkNe5xlOHtJUxWz/UMt+AhWru9KlQpYQ +rvUEUIECgYEAy1yfXfUvF2sGfjLVHQdIUuGrFFnEFvp72GiN41x8/teQ2N89gtCK +/VkvRp7xa1P3rs3K/zg4qgdZHsuoM/m2m0iLmSl9lrtarzYRh13KCd1t1OmsqLku +ciroyJsoVTy0adMKgTqe5KM/Lpwyxadz8dk/nYhhdcbBlRsbEBgWLpcCgYEAwhIC +JakjAXNIwyjr+68vwOjD2m9pnhtoqRSxgS67QJCJ0knkba3+V9Ne0NmLtSqCWS3K +oyNO3p/REZpTt/rL6SIvDIuwAIw8TZ7BZHE7q+f+861N8/whUqJHoEgXo2yI3Yh9 +qkhkx4wBery1wV0RcQU36XdOmhmA4oD5xUnA0BECgYBS/KEsPnnRHKOxrBy7k9U3 +vU+LJnaWyfDwBvqf5YY8mMtLNQ5s651MdbCNKR9rpQBWHTTRoae9+vGrV4B0dVrH +U3tkLUJK2HnRNkdA7k0caXgAgrsqvybtAAWul2KGJheZd725rqpYsyV9Z9BwSD1Q +XE9Rge4DmfA1YLJShwHGUQKBgQCpmIM31i85PT4BDunq8JWSx9cgNOzftqQn3mWg +tu385lMK6ngtQThcF+NsMDDfCV8P/+xt1JVAB/n0oCE5TnqUKcNj+067q9GnI21u +EWZMPFmZKYJODbAxPo/JijbeIiMZNgZboRgxKjDAydksOeDcG+tYo2KVWGRBjOS5 +fFJ7gQKBgBu/nWupVRZ4YDsb3147i4WswVmszeTbAjy0XKIYGJwHSdIsfjglQrwR +BmrhQLazrPmO35f64TaP/KrDSPwOAiVhNMcBgHg0MNOh2pS2AaW9hbkMih+1LjYd +7fUxSEQik/ZdO/YFftnD64pInWXX8nhnxyTlGVrKbxDHOMYgOgor -----END RSA PRIVATE KEY----- diff --git a/ssl-config/src/test/resources/testClient/testClientKeyStore.jks b/ssl-config/src/test/resources/testClient/testClientKeyStore.jks index 8ad0be2ce..6212c4d91 100644 Binary files a/ssl-config/src/test/resources/testClient/testClientKeyStore.jks and b/ssl-config/src/test/resources/testClient/testClientKeyStore.jks differ diff --git a/ssl-config/src/test/resources/testClient/testClientKeyStore.p12 b/ssl-config/src/test/resources/testClient/testClientKeyStore.p12 index 0fac985d8..16b386d61 100644 Binary files a/ssl-config/src/test/resources/testClient/testClientKeyStore.p12 and b/ssl-config/src/test/resources/testClient/testClientKeyStore.p12 differ diff --git a/ssl-config/src/test/resources/testServer/testServer.crt b/ssl-config/src/test/resources/testServer/testServer.crt index d37c95306..b8b81b886 100644 --- a/ssl-config/src/test/resources/testServer/testServer.crt +++ b/ssl-config/src/test/resources/testServer/testServer.crt @@ -1,20 +1,20 @@ -----BEGIN CERTIFICATE----- -MIIDSDCCAjACCQCzdwQq83XUdjANBgkqhkiG9w0BAQsFADBlMQswCQYDVQQGEwJV +MIIDSDCCAjACCQCrDuTlkNN2PjANBgkqhkiG9w0BAQsFADBlMQswCQYDVQQGEwJV UzELMAkGA1UECBMCQ0ExEjAQBgNVBAcTCVBhbG8gQWx0bzERMA8GA1UEChMIVGVz dCBPcmcxEDAOBgNVBAsTB1Rlc3QgT1UxEDAOBgNVBAMTB1Rlc3QgQ0EwHhcNMTYw -MjE2MDUwMjIzWhcNMTcwNjMwMDUwMjIzWjBnMQswCQYDVQQGEwJVUzELMAkGA1UE +MjIyMDU0NTQ5WhcNMTcwNzA2MDU0NTQ5WjBnMQswCQYDVQQGEwJVUzELMAkGA1UE CBMCQ0ExEjAQBgNVBAcTCVBhbG8gQWx0bzERMA8GA1UEChMIVGVzdCBPcmcxEDAO BgNVBAsTB1Rlc3QgT1UxEjAQBgNVBAMTCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcN -AQEBBQADggEPADCCAQoCggEBALcKgU68C9YjktrbzGhQE6qlIE6esonvEFL3TwEF -hcoLhMgXJBsK4Vsw1TDaQc8IG0jnP1+xjnPeTehCZ90yWD7BPRh0zV3jgVNwJJBx -2IsGsZLGb8pT+Rq58Kt/146+gW9s+i62QJB7td0QsyVEOCa0yPQRRcWLkAPDtO4X -ND1Q0JLn4+imnCq9YGx226/1Q/qwdTQByL0a5p6d3PHtaEbqygl+9Ton98CMXsW6 -mfp9Mx+iMqJ92lFfWh91HCPfG7U5l6kw6347qdj5sVH/9y1k7UTg9kTqTN5eDTJe -Sj3Gk/+Q8xKbuYxXO5O7Gydh+NyGlqt7sEU82JAgJ4Zfj18CAwEAATANBgkqhkiG -9w0BAQsFAAOCAQEAJYdlmLp3l57PFF58mQPgsThi4rUT545Hyla5OjUZ4f/P0XJK -N/9wzKTEOwr1vX+dyfBIrQgP2SD2vYNB74ewQXDwe5kjWLVoS8M/PkraGJ20tq2X -Y+nzKB8TieUYw+iWWswmD0jIA4y0SCG7cFFVsNn7/mqNXo3tDIUeDo1tYQ1B34ui -1UG34EsDfBmg7xzy0Rq6fHb7dohrQxcCjWz+QoXGHva29pCLVUmrTMjjUc4hS7rG -IuPwlJAoeL7ygyA8+Tny6WQ+wr05nIntYUw1yeMCgfFAcOnQdk81TxWsKbqhiIVW -bRfyGechzvsgQfRsC/335TArpv9QzZlaxQQLqA== +AQEBBQADggEPADCCAQoCggEBAPlCDkyQT1rvUyHFxCSR+POx/6qR2OcwuMOCVjg9 +l9tQqO6ayttX6Z9mIfgzlcLDKPSAb3olPSEOGv14aJgrbL6kSLZC9A1whbrJWWZN +mVyPIrCA8n/hU6eFi9PthJeAY+/0i5luB4qxj0WsrqZew7tEupaiXP9bPH3TW1o2 +Q2Kl/DxTd6TjEOIV3b0DColDKIMs+H7VTkdQ+x86aqntDUBI7WwgGGXM2g49c3a9 +aMCiN2S6j0pFra26Vn/qoGBxZLdfwgqwy3XskOSWg+ydkPzZk8yU4nZ841SOSAL9 +YyB+0VmtCxPye+8BCxQu44W2nhiP1pcdM1KyEkajAyzqkO8CAwEAATANBgkqhkiG +9w0BAQsFAAOCAQEAD1SMW27usj6KDdGyETi08IGtanQ4R1SZ466pfLskjXfGonQj +9gLa7oXpk/sQgTvhAguel/G4lSTVjPPD5ylhPXvruhLcSFCg0PbmTYxOe3aAQhMh +ozshRVaZ3//VuNmQX/zULbMkjmwPaRXR9Oq6HHzMcaSA5awvff65HSxvtGid3mq+ +V+mFZetfY1N73Ves06a8FkLesdFIvaJwFlM6lsHf9Ecg23R4xPiohVbwmKLHmGJy +VOWXdJ3Q1pFPpMt5MClzcNo/pDpIH+jfRdNR2ymVeySoRhfNHD3pHwaP0tKqmGMX +6+yf+Jl3j2v+1MDo8rlGvt8EqWY2ARSp5GQ5ow== -----END CERTIFICATE----- diff --git a/ssl-config/src/test/resources/testServer/testServer.csr b/ssl-config/src/test/resources/testServer/testServer.csr new file mode 100644 index 000000000..740871bb3 --- /dev/null +++ b/ssl-config/src/test/resources/testServer/testServer.csr @@ -0,0 +1,17 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIICrDCCAZQCAQAwZzELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMRIwEAYDVQQH +EwlQYWxvIEFsdG8xETAPBgNVBAoTCFRlc3QgT3JnMRAwDgYDVQQLEwdUZXN0IE9V +MRIwEAYDVQQDEwlsb2NhbGhvc3QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK +AoIBAQD5Qg5MkE9a71MhxcQkkfjzsf+qkdjnMLjDglY4PZfbUKjumsrbV+mfZiH4 +M5XCwyj0gG96JT0hDhr9eGiYK2y+pEi2QvQNcIW6yVlmTZlcjyKwgPJ/4VOnhYvT +7YSXgGPv9IuZbgeKsY9FrK6mXsO7RLqWolz/Wzx901taNkNipfw8U3ek4xDiFd29 +AwqJQyiDLPh+1U5HUPsfOmqp7Q1ASO1sIBhlzNoOPXN2vWjAojdkuo9KRa2tulZ/ +6qBgcWS3X8IKsMt17JDkloPsnZD82ZPMlOJ2fONUjkgC/WMgftFZrQsT8nvvAQsU +LuOFtp4Yj9aXHTNSshJGowMs6pDvAgMBAAGgADANBgkqhkiG9w0BAQUFAAOCAQEA +2YLDeUuG7WORQu3wqs63gPf9iy+iIOVjAq3A/kAVGZKRAUa7FOw38ky7SMEDqCV7 +eevyQKTm6SA7domVymUvdfluBG6zHUWk08zp5CgwDEo7FmOnDX4AZ7ecHV854Su8 +QDs3qTGY5S2xMJczlMLIrzee7g1c03mfufrmyg+tZEmq3QXwRNCvzmQkpuEq9JV7 +iHr4BuTNLANKG91siIdktZaytnzioDLwvQUA3Dn84bCkqphsEiqB6PNZeH5YDDdR +eOOgato7Fc3+6fqneJV8wFXjkDXEHs+zjgEBVnuE7+O6tZQvl8x9The3t0y9T5lT +Ke8L7hYA9eXUMUkZ3Hkfog== +-----END CERTIFICATE REQUEST----- diff --git a/ssl-config/src/test/resources/testServer/testServer.key b/ssl-config/src/test/resources/testServer/testServer.key index f22ffb8e3..4148784f9 100644 --- a/ssl-config/src/test/resources/testServer/testServer.key +++ b/ssl-config/src/test/resources/testServer/testServer.key @@ -1,27 +1,27 @@ -----BEGIN RSA PRIVATE KEY----- -MIIEogIBAAKCAQEAtwqBTrwL1iOS2tvMaFATqqUgTp6yie8QUvdPAQWFyguEyBck -GwrhWzDVMNpBzwgbSOc/X7GOc95N6EJn3TJYPsE9GHTNXeOBU3AkkHHYiwaxksZv -ylP5Grnwq3/Xjr6Bb2z6LrZAkHu13RCzJUQ4JrTI9BFFxYuQA8O07hc0PVDQkufj -6KacKr1gbHbbr/VD+rB1NAHIvRrmnp3c8e1oRurKCX71Oif3wIxexbqZ+n0zH6Iy -on3aUV9aH3UcI98btTmXqTDrfjup2PmxUf/3LWTtROD2ROpM3l4NMl5KPcaT/5Dz -Epu5jFc7k7sbJ2H43IaWq3uwRTzYkCAnhl+PXwIDAQABAoIBADvx5c06SooT1ml0 -qGnVJ8uwDneRA5mmwGrbcXU9MMatpQu+gGWW15z8ziUUpY6+8eibSyb0yFlsCYmy -Db/kWAAdWvvibMt90YHY7TCdCDTnuUn/UOcrPx6gnJAd6yNlgpBSWVDpARYQXcwL -RxBCWj1a4aEE8xuyDDUfZ+a9lK8rdXWWR3TkPrNFZAADmYqznGJ70fsQj8wYxlko -CirUOTAvNoZgORhtLiw+t4ESwomhRjfSmhz/w6ZNMoj9KD53dEupMUDt8pK5WLP+ -hLgnd7CQw9RZiZQTcJ181uunePS/DSW+l5GD6qQ+fyzvFUw0t9lZciBACcpkr2rY -mR7BQpkCgYEA39pT6B0UsGe6aiFOukL9neg3LZYp9SvgQDSRVFSJRlMuLJOGXdEO -bO62P3eZX2Q2yuj8R+ir7D33bt8+NpIlvkUhLu9bCRgbCMThAfSFfn3zGRR4Lbh8 -Ce+HpqSZN/BihoJaidvhBe3C9I1xw5dsdf8EmsQugDe31eqI7vj819UCgYEA0VPI -J2l7VcqGWitvMy6e2PEcLhfUw0EqNWn1+ZHgXon4h8gSMbV672Mmh1DGSUn6Ht6+ -m4s+nhniZ4h/sAHevJgYKN1XXQSAdivUWxPP2bD6VZzx+XGqSMpMUq062Sq9yNlI -t0o5mLJ4/oYofa3ffgu2HQqwPsEYKYYvdsYbuGMCgYBU2wNRiqyMDlYI4yVf0AMp -t5wrCLBRAtfYHtU0XXNIGEH5ndaie5v3SSoGtwSJt4hZtKXlcFqzi+3etntz3kS2 -cqgYjZ05vkyJL3CH+DQedgoP6MWBt1w1u/n0/pIiNVpz2LgPaC1NvQpY/8EvPphb -xlbtgA6MhhKG4YgU5oeaHQKBgH67mMyzwiY4zYq+DT8RlL6Hi6Yka34jb+iS1Ida -2FqkccHTUaCi3WEdyG/YaZRpo3MZLJGDhk+2ICrKq3PmTfIkq0viZkg8t4HUG2dg -4VBNI+K9eIqrVItpXzgXBTAB/pEhbDL8T06xjyuaEd21bUAk2wdON1JnGbfaM9ZX -LuU9AoGARqdvE2srHw+q2yyK1y9h8cwOoeMvvgGFrx5ifWYImN24IWXzGsdzCoXm -hRnP+m9GX7aQFV9M9OTqTb9bgRkksUzVsTQRvKLwZP/Hmuzrw8ZfT3S0Tw51U8Y9 -gGSuG1YWoBtmugITblfDr3Ht5mGv8erFqZofVe/4rNiv2bv/GPM= +MIIEpQIBAAKCAQEA+UIOTJBPWu9TIcXEJJH487H/qpHY5zC4w4JWOD2X21Co7prK +21fpn2Yh+DOVwsMo9IBveiU9IQ4a/XhomCtsvqRItkL0DXCFuslZZk2ZXI8isIDy +f+FTp4WL0+2El4Bj7/SLmW4HirGPRayupl7Du0S6lqJc/1s8fdNbWjZDYqX8PFN3 +pOMQ4hXdvQMKiUMogyz4ftVOR1D7Hzpqqe0NQEjtbCAYZczaDj1zdr1owKI3ZLqP +SkWtrbpWf+qgYHFkt1/CCrDLdeyQ5JaD7J2Q/NmTzJTidnzjVI5IAv1jIH7RWa0L +E/J77wELFC7jhbaeGI/Wlx0zUrISRqMDLOqQ7wIDAQABAoIBAGxA+xLXjg9xZ4qA +aNp1J0k3olFDPI/UAjqvLaEJZx2SH3xZcAbpXIalBdXVGZLXzb661S+YYr8rcB9r +nwmPuo/lq8q0s2fu2bWw4wniY9vmMmuz5R4TD5DvGDZ3rqFZ2o2JiOOe/NmImi/p +eoS5HYsEo4DujTM+PbxsAf3hGU0K7GEbOelsnaQ/VSBcK5lnegOH58M09lz6UBeP +fIU8+LpkEliB44N3h4Bb2poroPVX2IhMv25+TzKEr88dUSynoZqv0qN2LoAxba9x +aWU/8L/SyfjsMnHcO9OOjcddBVZYHu5C9PwXs8G3s1rIl/H5KwE312ru3kQkduFE +g0AB74ECgYEA/OJlTLSJ2q2C9lsnk91gnadGQId7Ioz8Rqq/49eEQ/xX9PEZfLCQ +wNV9DLbya3pqRJI9xtlFd2Q6kK3KBdeul51B4IVjd2jQ6CQMLeKdtzAthj2r3rEk +CqKRF4i3qbagweo8JH6Xd/Kec47WcL75IxHLpWeUjpETNvP8lEV5wq8CgYEA/FQ4 +/WCyzTxvWL8/6115MLzaroxg5K8Jg2k/rWQnogw3J3qMCTehnZbfOX/emrnQGneQ +L4xISOpehLtoNA4p5go2FMswJtWWgIyrm1nUDKLvORVcqr8XDFdqKMU45r2d3d/L +9s7yoYqUCC+fdZ9TrH2dwSXV5HPi/LGI4gGcpcECgYEAtDjcnMflnvUdalkYYabZ +nkGCLabgOIVlnS8/Ri9n0dPbE3NoCJcE8oizcAZJyhMZ/PiEElzxxt6lZkqUuYk2 +olKuikZF1unaSDa4f1MLt2wcZZk6DaEM4I9u++ixi7/d3ZUDe7bEV/WOuyhG518S +ys155s1k8B2wJe/ISBsjZX0CgYEApAthbaEjPXjv7uOPe8YuVvhAt7/98k61waB4 +TJLTjW+hn+H1Dr0DLj/66hfuserhl4Np0u/Bwt3UCzkHmugmZy72T/h1Wpn7maFa +o8n3qSt4mUUBFOTc6CIgm1b1ElXuP2QS52dNqKY+bUAAzGiD7p1QJVUixL5usNf+ +5OglXkECgYEA6LC3JY/a9NJXAWvUKbrtmjAmPXO0PG1tgy6Vzbm3TC2GC94JvNqv +bl29doCFT98whIQmRMRsL06uAughWLfS14obwiVlP/h2hE4qPp6G9tnknR39okU+ +1A2j0fawjtoYlLGqFrBmf3pdrW1hYJQKYOdUQGnK8GqwfKycQAlKapc= -----END RSA PRIVATE KEY----- diff --git a/ssl-config/src/test/resources/testServer/testServerKeyStore.jks b/ssl-config/src/test/resources/testServer/testServerKeyStore.jks index ec2ca9530..08e8d888d 100644 Binary files a/ssl-config/src/test/resources/testServer/testServerKeyStore.jks and b/ssl-config/src/test/resources/testServer/testServerKeyStore.jks differ diff --git a/ssl-config/src/test/resources/testServer/testServerKeyStore.p12 b/ssl-config/src/test/resources/testServer/testServerKeyStore.p12 index bcbe9671f..f541feb0e 100644 Binary files a/ssl-config/src/test/resources/testServer/testServerKeyStore.p12 and b/ssl-config/src/test/resources/testServer/testServerKeyStore.p12 differ