diff --git a/akka-http-core/src/main/resources/keys/README b/akka-http-core/src/test/resources/keys/README similarity index 89% rename from akka-http-core/src/main/resources/keys/README rename to akka-http-core/src/test/resources/keys/README index 65dfa96457..e09f34715d 100644 --- a/akka-http-core/src/main/resources/keys/README +++ b/akka-http-core/src/test/resources/keys/README @@ -17,9 +17,9 @@ openssl req -x509 -new -nodes -key rootCA.key -days 3560 -out rootCA.crt # Create server key: -openssl genrsa -out device.key 2048 +openssl genrsa -out server.key 2048 -# Create server CSR: +# Create server CSR (you need to set the common name CN to "akka.example.org"): openssl req -new -key server.key -out server.csr diff --git a/akka-http-core/src/main/resources/keys/chain.pem b/akka-http-core/src/test/resources/keys/chain.pem similarity index 100% rename from akka-http-core/src/main/resources/keys/chain.pem rename to akka-http-core/src/test/resources/keys/chain.pem diff --git a/akka-http-core/src/main/resources/keys/rootCA.crt b/akka-http-core/src/test/resources/keys/rootCA.crt similarity index 100% rename from akka-http-core/src/main/resources/keys/rootCA.crt rename to akka-http-core/src/test/resources/keys/rootCA.crt diff --git a/akka-http-core/src/main/resources/keys/rootCA.key b/akka-http-core/src/test/resources/keys/rootCA.key similarity index 100% rename from akka-http-core/src/main/resources/keys/rootCA.key rename to akka-http-core/src/test/resources/keys/rootCA.key diff --git a/akka-http-core/src/main/resources/keys/server.crt b/akka-http-core/src/test/resources/keys/server.crt similarity index 100% rename from akka-http-core/src/main/resources/keys/server.crt rename to akka-http-core/src/test/resources/keys/server.crt diff --git a/akka-http-core/src/main/resources/keys/server.key b/akka-http-core/src/test/resources/keys/server.key similarity index 100% rename from akka-http-core/src/main/resources/keys/server.key rename to akka-http-core/src/test/resources/keys/server.key diff --git a/akka-http-core/src/main/resources/keys/server.p12 b/akka-http-core/src/test/resources/keys/server.p12 similarity index 100% rename from akka-http-core/src/main/resources/keys/server.p12 rename to akka-http-core/src/test/resources/keys/server.p12 diff --git a/akka-http-core/src/test/scala/akka/http/impl/util/ExampleHttpContexts.scala b/akka-http-core/src/test/scala/akka/http/impl/util/ExampleHttpContexts.scala index b9531de10b..09b9816caa 100644 --- a/akka-http-core/src/test/scala/akka/http/impl/util/ExampleHttpContexts.scala +++ b/akka-http-core/src/test/scala/akka/http/impl/util/ExampleHttpContexts.scala @@ -16,11 +16,14 @@ import akka.http.scaladsl.HttpsContext */ object ExampleHttpContexts { val exampleServerContext = { + // never put passwords into code! + val password = "abcdef".toCharArray + val ks = KeyStore.getInstance("PKCS12") - ks.load(resourceStream("keys/server.p12"), "abcdef".toCharArray) + ks.load(resourceStream("keys/server.p12"), password) val keyManagerFactory = KeyManagerFactory.getInstance("SunX509") - keyManagerFactory.init(ks, "abcdef".toCharArray) + keyManagerFactory.init(ks, password) val context = SSLContext.getInstance("TLS") context.init(keyManagerFactory.getKeyManagers, null, new SecureRandom) @@ -30,6 +33,7 @@ object ExampleHttpContexts { val exampleClientContext = { val certStore = KeyStore.getInstance(KeyStore.getDefaultType) certStore.load(null, null) + // only do this if you want to accept a custom root CA. Understand what you are doing! certStore.setCertificateEntry("ca", loadX509Certificate("keys/rootCA.crt")) val certManagerFactory = TrustManagerFactory.getInstance("SunX509")