From 064556bd0e531c71dd285de372312d2851abf29f Mon Sep 17 00:00:00 2001 From: Magnus Ahltorp Date: Tue, 31 Mar 2015 15:23:12 +0200 Subject: X.509 cert generation for http server --- Makefile | 28 +++++++++++++++++++++++++++- test/catlfish-test-local-1.cfg | 9 ++++++--- test/catlfish-test-local-merge.cfg | 2 +- test/catlfish-test-local-signing.cfg | 6 +++--- 4 files changed, 37 insertions(+), 8 deletions(-) diff --git a/Makefile b/Makefile index 261def1..d7b5ee3 100644 --- a/Makefile +++ b/Makefile @@ -9,13 +9,14 @@ release: all mkdir $(RELDIR) ./makerelease.erl mkdir $(RELDIR)/catlfish - cp -r webroot $(RELDIR)/catlfish -include test/test.mk tests-prepare: rm -r $(RELDIR)/tests || true mkdir $(RELDIR)/tests + make tests-createca + make tests-createcert mkdir $(RELDIR)/tests/keys (cd $(RELDIR)/tests/keys ; ../../../tools/create-key.sh logkey) mkdir $(RELDIR)/tests/mergedb @@ -90,6 +91,31 @@ tests: @make tests-wait @make tests-stop +tests-createca: + mkdir $(RELDIR)/tests/httpsca + ( cd $(RELDIR)/tests/httpsca ; \ + mkdir -p demoCA/newcerts ; \ + touch demoCA/index.txt ; \ + echo 00 > demoCA/serial ; \ + echo '[ req ]' > caconfig.txt ; \ + echo 'distinguished_name = req_distinguished_name' >> caconfig.txt ; \ + echo 'x509_extensions = v3_ca' >> caconfig.txt ; \ + echo '[ req_distinguished_name ]' >> caconfig.txt ; \ + echo '[ v3_ca ]' >> caconfig.txt ; \ + echo 'basicConstraints=CA:true' >> caconfig.txt ; \ + openssl req -newkey rsa:2048 -keyout key.pem -out req.csr -nodes -subj '/countryName=SE/stateOrProvinceName=Stockholm/organizationName=Test/commonName=ca/O=ca' -config caconfig.txt ; \ + openssl ca -in req.csr -selfsign -keyfile key.pem -out demoCA/cacert.pem -batch \ + ) + +tests-createcert: + mkdir $(RELDIR)/tests/httpscert + openssl req -new -newkey rsa:2048 -keyout $(RELDIR)/tests/httpscert/httpskey-1.pem -out $(RELDIR)/tests/httpsca/httpscert-1.csr -nodes -subj '/countryName=SE/stateOrProvinceName=Stockholm/organizationName=Test/CN=localhost' + ( cd $(RELDIR)/tests/httpsca ; \ + openssl ca -in httpscert-1.csr -keyfile key.pem -out httpscert-1.pem -batch \ + ) + cp $(RELDIR)/tests/httpsca/httpscert-1.pem $(RELDIR)/tests/httpscert/ + + # Unit testing. check: all test/check.erl diff --git a/test/catlfish-test-local-1.cfg b/test/catlfish-test-local-1.cfg index 7caacdc..be1c5b3 100644 --- a/test/catlfish-test-local-1.cfg +++ b/test/catlfish-test-local-1.cfg @@ -9,12 +9,15 @@ addresses: publicaddresses: frontend-1: 127.0.0.1:8080 +#publichttpaddresses: +# frontend-1: 127.0.0.1:8090 + paths: configdir: . knownroots: tests/known_roots - https_certfile: catlfish/webroot/certs/webcert.pem - https_keyfile: catlfish/webroot/keys/webkey.pem - https_cacertfile: catlfish/webroot/certs/webcert.pem + https_certfile: tests/httpscert/httpscert-1.pem + https_keyfile: tests/httpscert/httpskey-1.pem + https_cacertfile: tests/httpsca/demoCA/cacert.pem db: tests/machine/machine-1/db/ publickeys: tests/publickeys logpublickey: tests/keys/logkey.pem diff --git a/test/catlfish-test-local-merge.cfg b/test/catlfish-test-local-merge.cfg index 4a77708..3de20ee 100644 --- a/test/catlfish-test-local-merge.cfg +++ b/test/catlfish-test-local-merge.cfg @@ -2,7 +2,7 @@ nodename: merge-1 paths: mergedb: tests/mergedb - https_cacertfile: catlfish/webroot/certs/webcert.pem + https_cacertfile: tests/httpsca/demoCA/cacert.pem publickeys: tests/publickeys logpublickey: tests/keys/logkey.pem privatekeys: tests/privatekeys diff --git a/test/catlfish-test-local-signing.cfg b/test/catlfish-test-local-signing.cfg index b08bf2f..c8b27ae 100644 --- a/test/catlfish-test-local-signing.cfg +++ b/test/catlfish-test-local-signing.cfg @@ -6,9 +6,9 @@ addresses: paths: configdir: . - https_certfile: catlfish/webroot/certs/webcert.pem - https_keyfile: catlfish/webroot/keys/webkey.pem - https_cacertfile: catlfish/webroot/certs/webcert.pem + https_certfile: tests/httpscert/httpscert-1.pem + https_keyfile: tests/httpscert/httpskey-1.pem + https_cacertfile: tests/httpsca/demoCA/cacert.pem publickeys: tests/publickeys logpublickey: tests/keys/logkey.pem logprivatekey: tests/keys/logkey-private.pem -- cgit v1.1