mirror of https://github.com/OpenIdentityPlatform/OpenDJ.git
parent: f69871 | patch | commitdiff
neil_a_wilson
25.33.2006 9da9d983ab1f6567b78f9d7fd7b543844b7d3539
refs
author neil_a_wilson <neil_a_wilson@localhost>
Monday, September 25, 2006 05:33 +0200
committer neil_a_wilson <neil_a_wilson@localhost>
Monday, September 25, 2006 05:33 +0200
commit9da9d983ab1f6567b78f9d7fd7b543844b7d3539
tree f89b3efe5a75ab431e62ac41f854e40851c910c6 tree | zip | gz
parent f6987141bc50b1699a428aadc7309f68397b5556 view | diff 
Add a set of certificates for use in testing the server with SSL and StartTLS.
The certificates are valid for 20 years, so we won't need to change them for a
while.  They are self-signed, but there are also trust stores available so that
clients can trust them without needing to resort to blindly trusting all
certificates.  There is a client certificate that is adequate for use with SASL
EXTERNAL.  Both the client and server certificates are available in both JKS
and PKCS#12 formats.

The commands used to generate these certificates are as follows:

$ /usr/java5/bin/keytool -genkey -alias server-cert -keyalg rsa -dname 'CN=OpenDS Test Certificate,O=OpenDS.org' -keystore server.keystore -storepass password -keypass password
$ /usr/java5/bin/keytool -selfcert -alias server-cert -validity 7305 -keystore server.keystore -storepass password

$ /usr/java5/bin/keytool -export -rfc -alias server-cert -file /tmp/server.cert -keystore server.keystore -storepass password
$ /usr/java5/bin/keytool -import -alias server-cert -file /tmp/server.cert -keystore server.truststore -storepass password

$ /usr/java5/bin/keytool -genkey -alias client-cert -keyalg rsa -dname 'CN=Test User,O=Test' -keystore client.keystore -storepass password -keypass password
$ /usr/java5/bin/keytool -selfcert -alias client-cert -validity 7305 -keystore client.keystore -storepass password
$ /usr/java5/bin/keytool -import -alias server-cert -file /tmp/server.cert -keystore client.truststore -storepass password

$ /usr/java5/bin/keytool -export -rfc -alias client-cert -file /tmp/client.cert -keystore client.keystore -storepass password
$ /usr/java5/bin/keytool -import -alias client-cert -file /tmp/client.cert -keystore server.truststore -storepass password
$ /usr/java5/bin/keytool -import -alias client-cert -file /tmp/client.cert -keystore client.truststore -storepass password

$ keytool -importkeystore -srckeystore server.keystore -destkeystore server-cert.p12 -srcstoretype JKS -deststoretype PKCS12 -srcstorepass password -deststorepass password -srcalias server-cert -destalias server-cert -srckeypass password -destkeypass password
$ keytool -importkeystore -srckeystore client.keystore -destkeystore client-cert.p12 -srcstoretype JKS -deststoretype PKCS12 -srcstorepass password -deststorepass password -srcalias client-cert -destalias client-cert -srckeypass password -destkeypass password
6 files added
2 files modified
61 ■■■■■ changed files
opendj-sdk/opends/tests/unit-tests-testng/resource/client-cert.p12 diff | view | raw | blame | history
opendj-sdk/opends/tests/unit-tests-testng/resource/client.keystore diff | view | raw | blame | history
opendj-sdk/opends/tests/unit-tests-testng/resource/client.truststore diff | view | raw | blame | history
opendj-sdk/opends/tests/unit-tests-testng/resource/config-changes.ldif 49 ●●●●● diff | view | raw | blame | history
opendj-sdk/opends/tests/unit-tests-testng/resource/server-cert.p12 diff | view | raw | blame | history
opendj-sdk/opends/tests/unit-tests-testng/resource/server.keystore diff | view | raw | blame | history
opendj-sdk/opends/tests/unit-tests-testng/resource/server.truststore diff | view | raw | blame | history
opendj-sdk/opends/tests/unit-tests-testng/src/server/org/opends/server/TestCaseUtils.java 12 ●●●●● diff | view | raw | blame | history