X.509 cert generation for http servercagen

4 files changed, 37 insertions, 8 deletions

diff --git a/Makefile b/Makefile
index 261def1..d7b5ee3 100644
--- a/Makefile
+++ b/Makefile
@@ -9,13 +9,14 @@ release: all
 	mkdir $(RELDIR)
 	./makerelease.erl
 	mkdir $(RELDIR)/catlfish
-	cp -r webroot $(RELDIR)/catlfish
 
 -include test/test.mk
 
 tests-prepare:
 	rm -r $(RELDIR)/tests || true
 	mkdir $(RELDIR)/tests
+	make tests-createca
+	make tests-createcert
 	mkdir $(RELDIR)/tests/keys
 	(cd $(RELDIR)/tests/keys ; ../../../tools/create-key.sh logkey)
 	mkdir $(RELDIR)/tests/mergedb
@@ -90,6 +91,31 @@ tests:
 	@make tests-wait
 	@make tests-stop
 
+tests-createca:
+	mkdir $(RELDIR)/tests/httpsca
+	( cd $(RELDIR)/tests/httpsca ; \
+	  mkdir -p demoCA/newcerts ; \
+	  touch demoCA/index.txt ; \
+	  echo 00 > demoCA/serial ; \
+	  echo '[ req ]' > caconfig.txt ; \
+	  echo 'distinguished_name = req_distinguished_name' >> caconfig.txt ; \
+	  echo 'x509_extensions = v3_ca' >> caconfig.txt ; \
+	  echo '[ req_distinguished_name ]' >> caconfig.txt ; \
+	  echo '[ v3_ca ]' >> caconfig.txt ; \
+	  echo 'basicConstraints=CA:true' >> caconfig.txt ; \
+	  openssl req -newkey rsa:2048 -keyout key.pem -out req.csr -nodes -subj '/countryName=SE/stateOrProvinceName=Stockholm/organizationName=Test/commonName=ca/O=ca' -config caconfig.txt ; \
+	  openssl ca -in req.csr -selfsign -keyfile key.pem -out demoCA/cacert.pem -batch \
+	)
+
+tests-createcert:
+	mkdir $(RELDIR)/tests/httpscert
+	openssl req -new -newkey rsa:2048 -keyout $(RELDIR)/tests/httpscert/httpskey-1.pem -out $(RELDIR)/tests/httpsca/httpscert-1.csr -nodes -subj '/countryName=SE/stateOrProvinceName=Stockholm/organizationName=Test/CN=localhost'
+	( cd $(RELDIR)/tests/httpsca ; \
+	  openssl ca -in httpscert-1.csr -keyfile key.pem -out httpscert-1.pem -batch \
+	)
+	cp $(RELDIR)/tests/httpsca/httpscert-1.pem $(RELDIR)/tests/httpscert/
+
+
 # Unit testing.
 check: all
 	test/check.erl
diff --git a/test/catlfish-test-local-1.cfg b/test/catlfish-test-local-1.cfg
index 7caacdc..be1c5b3 100644
--- a/test/catlfish-test-local-1.cfg
+++ b/test/catlfish-test-local-1.cfg
@@ -9,12 +9,15 @@ addresses:
 publicaddresses:
         frontend-1: 127.0.0.1:8080
 
+#publichttpaddresses:
+#        frontend-1: 127.0.0.1:8090
+
 paths:
         configdir: .
         knownroots: tests/known_roots
-        https_certfile: catlfish/webroot/certs/webcert.pem
-        https_keyfile: catlfish/webroot/keys/webkey.pem
-        https_cacertfile: catlfish/webroot/certs/webcert.pem
+        https_certfile: tests/httpscert/httpscert-1.pem
+        https_keyfile: tests/httpscert/httpskey-1.pem
+        https_cacertfile: tests/httpsca/demoCA/cacert.pem
         db: tests/machine/machine-1/db/
         publickeys: tests/publickeys
         logpublickey: tests/keys/logkey.pem
diff --git a/test/catlfish-test-local-merge.cfg b/test/catlfish-test-local-merge.cfg
index 4a77708..3de20ee 100644
--- a/test/catlfish-test-local-merge.cfg
+++ b/test/catlfish-test-local-merge.cfg
@@ -2,7 +2,7 @@ nodename: merge-1
 
 paths:
         mergedb: tests/mergedb
-        https_cacertfile: catlfish/webroot/certs/webcert.pem
+        https_cacertfile: tests/httpsca/demoCA/cacert.pem
         publickeys: tests/publickeys
         logpublickey: tests/keys/logkey.pem
         privatekeys: tests/privatekeys
diff --git a/test/catlfish-test-local-signing.cfg b/test/catlfish-test-local-signing.cfg
index b08bf2f..c8b27ae 100644
--- a/test/catlfish-test-local-signing.cfg
+++ b/test/catlfish-test-local-signing.cfg
@@ -6,9 +6,9 @@ addresses:
 
 paths:
         configdir: .
-        https_certfile: catlfish/webroot/certs/webcert.pem
-        https_keyfile: catlfish/webroot/keys/webkey.pem
-        https_cacertfile: catlfish/webroot/certs/webcert.pem
+        https_certfile: tests/httpscert/httpscert-1.pem
+        https_keyfile: tests/httpscert/httpskey-1.pem
+        https_cacertfile: tests/httpsca/demoCA/cacert.pem
         publickeys: tests/publickeys
         logpublickey: tests/keys/logkey.pem
         logprivatekey: tests/keys/logkey-private.pem