raboof/pekko
1
0
Fork 0
Code Issues Pull requests Projects Releases 6 Packages Wiki Activity Actions 11

Fix #203: Update truststores/keystores for pekko-remote (#298)

Browse source 
* Issue 203: Regenerate the keystore/truststore for remote tests

I've followed the guide at https://www.digicert.com/kb/ssl-support/openssl-quick-reference-guide.htm to update the makefile's domain.csr recipe. I then ran 'make' and deleted any files that were not there previously (i.e. the private key)

* Update akka-remote to pekko-remote to reflect new test cert
This commit is contained in:
Sam Byng 2023-04-28 17:44:24 +01:00 committed by GitHub
parent d3983be07e
commit dcacb0ff03
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
5 changed files with 20 additions and 20 deletions
Download patch file Download diff file Expand all files Collapse all files

2
remote/src/test/resources/Makefile
View file

@ -17,7 +17,7 @@ domain.cnf:
echo "subjectAltName=DNS:localhost" >> domain.cnf echo "subjectAltName=DNS:localhost" >> domain.cnf
domain.csr: domain.cnf domain.csr: domain.cnf
openssl req -new -newkey rsa:2048 -keyout domain.key -subj "/C=ZA/ST=web/O=Lightbend/CN=akka-remote" -reqexts SAN -config domain.cnf -out domain.csr -passout pass:changeme openssl req -new -newkey rsa:2048 -keyout domain.key -subj "/C=US/ST=Delaware/O=Apache/CN=pekko-remote" -reqexts SAN -config domain.cnf -out domain.csr -passout pass:changeme
.PHONY: clean .PHONY: clean
clean: clean:

36
remote/src/test/resources/domain.crt
View file

@ -1,20 +1,20 @@
-----BEGIN CERTIFICATE----- -----BEGIN CERTIFICATE-----
MIIDMDCCAhigAwIBAgIULYjj2NGVQ1r1MzK9j03lmw/s9AAwDQYJKoZIhvcNAQEL MIIDNjCCAh6gAwIBAgIULYe4EBXmMjvX8QpoUDdKsL7L64wwDQYJKoZIhvcNAQEL
BQAwRTELMAkGA1UEBhMCWkExDDAKBgNVBAgMA3dlYjESMBAGA1UECgwJTGlnaHRi BQAwSDELMAkGA1UEBhMCVVMxETAPBgNVBAgMCERlbGF3YXJlMQ8wDQYDVQQKDAZB
ZW5kMRQwEgYDVQQDDAtha2thLXJlbW90ZTAeFw0yMDA2MDIxMTA1MDVaFw0yMDA3 cGFjaGUxFTATBgNVBAMMDHBla2tvLXJlbW90ZTAeFw0yMzA0MjUyMDMxMTBaFw0y
MDIxMTA1MDVaMEUxCzAJBgNVBAYTAlpBMQwwCgYDVQQIDAN3ZWIxEjAQBgNVBAoM MzA1MjUyMDMxMTBaMEgxCzAJBgNVBAYTAlVTMREwDwYDVQQIDAhEZWxhd2FyZTEP
CUxpZ2h0YmVuZDEUMBIGA1UEAwwLYWtrYS1yZW1vdGUwggEiMA0GCSqGSIb3DQEB MA0GA1UECgwGQXBhY2hlMRUwEwYDVQQDDAxwZWtrby1yZW1vdGUwggEiMA0GCSqG
AQUAA4IBDwAwggEKAoIBAQC8bahFbJFC31YWoyJGdOasMnZHE+D3jjnTmGS+E6Ev SIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4Ljhl1x9yitKPRLK7x2p54U+MMpaWqnH8
YxQ1zR+ja2CpDv1M5VjOS4qzVXBXm/2OM35Er6sE+cAdtO8qXq39hzhNoS5nvHIo IoK1vq4PJ3Tj5V2sXzNBtAcwBjdiQCJAPh77WHWtPpDTsYFXh5RSe0lEc1P3j9Zb
hl881MHIbndohtMZm2NsKM2yHnqnFI4jMnlEK9d8gmn25PsqUwOC9g9h4HOp+qys Hp7DwWzmorwdHpdVVB3eaFktlkjCi/townSxlgeudeGzKIUfI4Jfbs/K9a6cihSQ
mqDzMmyZSS3qotyximOPBIQcRan6xh9i3Zhi3VRIxMl9WNR1gU5sbOeO4G7xsKyY fWxi5H4h+FZRQzoc/8nfQtcQsff89OaQZRBssCrU+fFqX6vEjdTXftXF/wcACYev
FjfEeVjyDOG1pYHpnBVtqTDJoNzs5jZIslzpZU/iCW1fF2r5VwCuwMj/fgSxz7Qv 29BoK/IVz0ULS+yJQOiemt7yq5Zu22PDEpzb8gEnrA7gFZ0HwmQmYcMv7Uqfii9Y
LXqw70QDKeDkebgaTmhqAtYbAT20JXwMCuiE+8Lo4hGbAgMBAAGjGDAWMBQGA1Ud Y7VAK/Lzu9jM5lJsR0tw9W7x0uQzx9SC3iIS75NrDMPPVBGkjvUPAgMBAAGjGDAW
EQQNMAuCCWxvY2FsaG9zdDANBgkqhkiG9w0BAQsFAAOCAQEAm97sH2qjazMJV66X MBQGA1UdEQQNMAuCCWxvY2FsaG9zdDANBgkqhkiG9w0BAQsFAAOCAQEAbGZD87Ir
wJfxk72qHpZIXyzGIAcORcF8lxDOKaqO8q85cZa9uNhq+CtSOEN41KupBKVk4dfa /CrE4hMGZkO0rcdsrBNGeQqKSCNypuTab4bVnCiJP8TxJWlKg5YEkrmv9kKWDKvw
ZZ7IWFqptXKsztQ6Ff+ruEX3ZeW3ZsZp72+PuauC6ClNmxZG4/bUA0uKKd8s5yPK PE8mH72SM6s/HdMbW2DTXidP3EqRpnehWnDD7jeVj9M/pv/fER1rYZ2yYsjVd2Zw
jqJ3KR6ZuYykBvT2dQrHdI4LQPC4Sh+AZtfizTh21dYz4F1HPe/aBoDx0eAO6oyF jev8kJDQTjrgjUzJAd1XjitXxTwLzajIf9poXlAEZ3Q0yilcsm1pcZwUPxEgxKFW
S0V6Mm8d/ydCg5wS+s0NmNniia3sww2fud+PyR3AaaubSBKhThQg6pQhFiaxjKSz Qa2vP0PM5XSSBhn6uFgPrm2e2vheo1oEwFWe2wYL32c5mFpcqPTTNzdWqb8erLKR
IMCg9Yicy8vem5w+HqOJqoyiPDSdxtInyeNKskxcB7ayOpcWj/TX/W379FWABxeo BtHX36+OiOt4KQhgimGecVTVFLoJzIDP4upgb6lqTNfgdJ9+XOOKzhBjnEjGwcwk
rt8eZw== 96dbiUglmS/e3A==
-----END CERTIFICATE----- -----END CERTIFICATE-----

BIN
remote/src/test/resources/keystore
View file

Binary file not shown.

BIN
remote/src/test/resources/truststore
View file

Binary file not shown.

2
remote/src/test/scala/org/apache/pekko/remote/artery/tcp/ssl/X509ReadersSpec.scala
View file

@ -29,7 +29,7 @@ class X509ReadersSpec extends AnyWordSpec with Matchers {
"read both the CN and the subject alternative names" in { "read both the CN and the subject alternative names" in {
val serverCert = loadCert("/domain.crt") val serverCert = loadCert("/domain.crt")
X509Readers.getAllSubjectNames(serverCert) mustBe (Set("akka-remote", "localhost")) X509Readers.getAllSubjectNames(serverCert) mustBe (Set("pekko-remote", "localhost"))
} }
"read a certificate that has no SAN extension" in { "read a certificate that has no SAN extension" in {