diff options
author | Roger Meier <roger@apache.org> | 2014-02-22 20:05:21 +0100 |
---|---|---|
committer | Roger Meier <roger@apache.org> | 2014-02-22 20:05:21 +0100 |
commit | 48555c5d1fd202088f70a04084b73cab9ee41648 (patch) | |
tree | 8bb4818ceff68a55512f4ce5af06f75d7963875c /test/keys | |
parent | 7e10329f7982f2602d6dbdcb2b45e843b85170c4 (diff) | |
download | thrift-48555c5d1fd202088f70a04084b73cab9ee41648.tar.gz |
THRIFT-2325 SSL-test-certificates.patch
Java test suite use keys and certs from test/keys/
Patch: Roger Meier
Diffstat (limited to 'test/keys')
-rwxr-xr-x | test/keys/README.md | 30 | ||||
-rw-r--r-- | test/keys/server.p12 | bin | 0 -> 2677 bytes |
2 files changed, 30 insertions, 0 deletions
diff --git a/test/keys/README.md b/test/keys/README.md index fa1684e83..d4bb5a337 100755 --- a/test/keys/README.md +++ b/test/keys/README.md @@ -26,6 +26,10 @@ we use the following parameters for test key and certificate creation openssl x509 -in server.crt -text > CA.pem cat server.crt server.key > server.pem +Export password is **thrift** + + openssl pkcs12 -export -clcerts -in server.crt -inkey server.key -out server.p12 + ### create client key and certificate openssl genrsa -out client.key @@ -45,3 +49,29 @@ export certificate in PKCS12 format export certificate in PEM format for OpenSSL usage openssl pkcs12 -in client.p12 -out client.pem -clcerts + + +## Java key and certificate import +Java Test Environment uses key and trust store password **thrift** + +list keystore entries + + keytool -list -storepass thrift -keystore ../../lib/java/test/.keystore + +list truststore entries + + keytool -list -storepass thrift -keystore ../../lib/java/test/.truststore + +import certificate into truststore + + keytool -importcert -storepass thrift -keystore ../../lib/java/test/.truststore -alias ssltest --file server.crt + +import key into keystore + + keytool -importkeystore -storepass thrift -keystore ../../lib/java/test/.keystore -srcstoretype pkcs12 -srckeystore server.p12 + +# Test SSL server and clients + + openssl s_client -connect localhost:9090 + openssl s_server -accept 9090 -www + diff --git a/test/keys/server.p12 b/test/keys/server.p12 Binary files differnew file mode 100644 index 000000000..65fc21aeb --- /dev/null +++ b/test/keys/server.p12 |