Issue 203: Update the truststore/keystore for stream-tests (#301)

* Update the stream-tests truststore/keystore to refer to pekko-remote The same truststore/keyspace as the one generate with the Makefile at remote/src/test/resources is used here" * Revert "Update the stream-tests truststore/keystore to refer to pekko-remote" This reverts commit 7bab689bb6257e80d2bd8cdff2b8a715bb08c619. * Issue 203: Update keystore/truststore for stream-tests: Note that no SAN extension file is used in this case. Therefore the verify hostname code looks at the CN= instead of the subjectAltName field. I've added a Makefile here to make it easier to regenerate this in future: just delete the trust/keystores and run 'make' * 203: Add comment explaining new Makefile
2023-04-28 18:29:38 +01:00 · 2023-04-28 18:29:38 +01:00 · 46b02c6640
commit 46b02c6640
parent dcacb0ff03
5 changed files with 21 additions and 2 deletions
--- a/stream-tests/src/test/resources/Makefile
+++ b/stream-tests/src/test/resources/Makefile
@ -0,0 +1,19 @@
+# Documents how truststore and keystore were created
+# A similar Makefile is found in remote/src/test/resources/, however here the cert is created without specifying a Subject Alternate Name
+all: truststore keystore
+
+truststore: domain.crt
+	keytool -importcert -file domain.crt -keystore truststore -deststorepass changeme
+
+keystore: domain.crt domain.key
+	openssl pkcs12 -export -inkey domain.key -passin pass:changeme -in domain.crt -out keystore -passout pass:changeme
+
+domain.crt: domain.csr domain.key
+	openssl x509 -req -in domain.csr -sha256 -out domain.crt -signkey domain.key
+
+domain.csr:
+	openssl req -new -newkey rsa:2048 -keyout domain.key -subj "/C=US/ST=Delaware/O=Apache/CN=pekko-remote" -out domain.csr -passout pass:changeme
+
+.PHONY: clean
+clean:
+	rm domain.key domain.crt domain.csr keystore truststore 
--- a/stream-tests/src/test/resources/keystore
+++ b/stream-tests/src/test/resources/keystore
--- a/stream-tests/src/test/resources/truststore
+++ b/stream-tests/src/test/resources/truststore
--- a/stream-tests/src/test/scala/org/apache/pekko/stream/io/DeprecatedTlsSpec.scala
+++ b/stream-tests/src/test/scala/org/apache/pekko/stream/io/DeprecatedTlsSpec.scala
@ -526,7 +526,7 @@ class DeprecatedTlsSpec extends StreamSpec(DeprecatedTlsSpec.configOverrides) wi

        Source.single(SendBytes(ByteString.empty)).via(flow).runWith(Sink.ignore)
      }
-      Await.result(run("akka-remote"), 3.seconds) // CN=akka-remote
+      Await.result(run("pekko-remote"), 3.seconds) // CN=pekko-remote
      val cause = intercept[Exception] {
        Await.result(run("unknown.example.org"), 3.seconds)
      }
--- a/stream-tests/src/test/scala/org/apache/pekko/stream/io/TlsSpec.scala
+++ b/stream-tests/src/test/scala/org/apache/pekko/stream/io/TlsSpec.scala
@ -574,7 +574,7 @@ class TlsSpec extends StreamSpec(TlsSpec.configOverrides) with WithLogCapturing
          Source.single(SendBytes(ByteString.empty)).via(flow).runWith(Sink.ignore)
        }

-        Await.result(run("akka-remote"), 3.seconds) // CN=akka-remote
+        Await.result(run("pekko-remote"), 3.seconds) // CN=pekko-remote
        val cause = intercept[Exception] {
          Await.result(run("unknown.example.org"), 3.seconds)
        }