1) Create a CA certificate and a private key:
openssl genrsa -des3 -out CA-key.pem 2048
-openssl req -new -key CA-key.pem -x509 -days 1000 -out CA-cert.pem
+openssl req -new -key CA-key.pem -x509 -days 3600 -out CA-cert.pem
2) Create a keystore with a private key entry that is signed by the CA:
+Note: your name must be "localhost"
+
keytool -genkeypair -alias policy_agent -keyalg RSA -keysize 2048 -keystore keystore.jks -validity 3650 -storepass policy_agent
keytool -certreq -alias policy_agent -file request.csr -keystore keystore.jks -ext san=dns:your.domain.com -storepass policy_agent
-openssl x509 -req -days 365 -in request.csr -CA CA-cert.pem -CAkey CA-key.pem -CAcreateserial -out ca_signed-cert.pem
+openssl x509 -req -days 3650 -in request.csr -CA CA-cert.pem -CAkey CA-key.pem -CAcreateserial -out ca_signed-cert.pem
keytool -importcert -alias ca_cert -file CA-cert.pem -keystore keystore.jks -trustcacerts -storepass policy_agent
keytool -importcert -alias policy_agent -file ca_signed-cert.pem -keystore keystore.jks -trustcacerts -storepass policy_agent
## License
-Copyright (C) 2020 Nordix Foundation. All rights reserved.
+Copyright (C) 2022 Nordix Foundation. All rights reserved.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
import org.junit.jupiter.api.AfterEach;
import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.Test;
-import org.junit.jupiter.api.extension.ExtendWith;
import org.oransc.ics.clients.AsyncRestClient;
import org.oransc.ics.clients.AsyncRestClientFactory;
import org.oransc.ics.clients.SecurityContext;
import org.springframework.http.MediaType;
import org.springframework.http.ResponseEntity;
import org.springframework.test.context.TestPropertySource;
-import org.springframework.test.context.junit.jupiter.SpringExtension;
import org.springframework.web.reactive.function.client.WebClientResponseException;
import reactor.core.publisher.Mono;
import reactor.test.StepVerifier;
-@ExtendWith(SpringExtension.class)
@SpringBootTest(webEnvironment = WebEnvironment.RANDOM_PORT)
@TestPropertySource(
properties = { //
"server.ssl.key-store=./config/keystore.jks", //
"app.webclient.trust-store=./config/truststore.jks", //
+ "app.webclient.trust-store-used=true", //
"app.vardata-directory=./target"})
class ApplicationTest {
private final Logger logger = LoggerFactory.getLogger(MethodHandles.lookup().lookupClass());
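Review bot: With `app.webclient.trust-store-used=true` added to the class-level properties, these tests now depend on the certificate chain in `./config/keystore.jks` and `./config/truststore.jks` staying valid. The certificate instructions changed in this same commit sign the server certificate with `-days 3650` under a CA created with `-days 3600`. If the checked-in stores are generated from those commands, the leaf outlives its issuer and trust validation will start failing when the CA expires, so the CA lifetime should be at least as long as the leaf's. A comment beside the property would make the dependency visible, for example `// turns on server-certificate validation against the trust store; regenerate the test stores before the CA expires`. The body of `ApplicationTest` continues outside this hunk.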
assertThat(rsp).isEqualTo("[\"test\"]");
}
+ @Test
+ void testTrustValidation() throws Exception {
+ putInfoProducerWithOneType(PRODUCER_ID, "test");
+ String url = A1eConsts.API_ROOT + "/eitypes";
+ String rsp = restClient(true).get(url).block();
+ assertThat(rsp).isEqualTo("[\"test\"]");
+ }
+
@Test
void consumerGetInfoTypes() throws Exception {
putInfoProducerWithOneType(PRODUCER_ID, "test");
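Review bot: `testTrustValidation` covers only the accepting path, and its assertion is the same `["test"]` check as the test just above it, so it would still pass if `restClient(true)` silently skipped certificate validation. Presumably the `true` argument selects a client that validates the server certificate against the configured trust store; that helper is not visible in this hunk. A companion test that uses a trust store without the signing CA and expects the request to fail during the TLS handshake would show that the check is actually enforced. Separately, `.block()` has no timeout, so a stalled handshake would hang the build; `.block(Duration.ofSeconds(10))` bounds it.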