THRIFT-2325 SSL-test-certificates.patch

Java test suite use keys and certs from test/keys/

Patch: Roger Meier

2 files changed, 30 insertions, 0 deletions

diff --git a/test/keys/README.md b/test/keys/README.md
index fa1684e83..d4bb5a337 100755
--- a/test/keys/README.md
+++ b/test/keys/README.md
@@ -26,6 +26,10 @@ we use the following parameters for test key and certificate creation
     openssl x509 -in server.crt -text > CA.pem
     cat server.crt server.key > server.pem
 
+Export password is **thrift**
+
+    openssl pkcs12 -export -clcerts -in server.crt -inkey server.key -out server.p12
+
 ### create client key and certificate
 
     openssl genrsa -out client.key
@@ -45,3 +49,29 @@ export certificate in PKCS12 format
 export certificate in PEM format for OpenSSL usage
 
     openssl pkcs12 -in client.p12 -out client.pem -clcerts
+
+
+## Java key and certificate import
+Java Test Environment uses key and trust store password **thrift**
+
+list keystore entries
+
+    keytool -list -storepass thrift -keystore ../../lib/java/test/.keystore
+
+list truststore entries
+
+    keytool -list -storepass thrift -keystore ../../lib/java/test/.truststore
+
+import certificate into truststore
+
+    keytool -importcert -storepass thrift -keystore ../../lib/java/test/.truststore -alias ssltest --file server.crt
+
+import key into keystore
+
+    keytool -importkeystore -storepass thrift -keystore ../../lib/java/test/.keystore -srcstoretype pkcs12 -srckeystore server.p12
+
+# Test SSL server and clients
+
+    openssl s_client -connect localhost:9090
+    openssl s_server -accept 9090 -www
+
diff --git a/test/keys/server.p12 b/test/keys/server.p12
new file mode 100644
index 000000000..65fc21aeb
--- /dev/null
+++ b/test/keys/server.p12