aboutsummaryrefslogtreecommitdiffstats
path: root/test/csit/plans/dcaegen2-collectors-hv-ves/testsuites/ssl/Makefile-openssl
diff options
context:
space:
mode:
authorPiotr Jaszczyk <piotr.jaszczyk@nokia.com>2018-09-21 11:31:59 +0200
committerPiotr Jaszczyk <piotr.jaszczyk@nokia.com>2018-09-25 08:40:25 +0200
commite4bd899f657daa88274f1419314f43953a6bc1ef (patch)
tree387b84c7f7e922a304acd960068b82eefdd53e3b /test/csit/plans/dcaegen2-collectors-hv-ves/testsuites/ssl/Makefile-openssl
parentb4c9fdb2aca5d283e16354c488460252c68c7d67 (diff)
Use PKCS12 key and trust store in HV-VES Collector
Usage of keystore and truststore allows us to use JDK security framework instead of openssl JNI bindings which are sometimes problematic. * Replace openssl with keytool when generating the scripts Change-Id: Icaa21cd1db443b1dd8fe7e7c0523123df5ea2545 Issue-ID: DCAEGEN2-816 Signed-off-by: Piotr Jaszczyk <piotr.jaszczyk@nokia.com>
Diffstat (limited to 'test/csit/plans/dcaegen2-collectors-hv-ves/testsuites/ssl/Makefile-openssl')
-rw-r--r--test/csit/plans/dcaegen2-collectors-hv-ves/testsuites/ssl/Makefile-openssl41
1 files changed, 41 insertions, 0 deletions
diff --git a/test/csit/plans/dcaegen2-collectors-hv-ves/testsuites/ssl/Makefile-openssl b/test/csit/plans/dcaegen2-collectors-hv-ves/testsuites/ssl/Makefile-openssl
new file mode 100644
index 000000000..a32d30dd0
--- /dev/null
+++ b/test/csit/plans/dcaegen2-collectors-hv-ves/testsuites/ssl/Makefile-openssl
@@ -0,0 +1,41 @@
+FILE=sample
+PASSWD=onaponap
+CA_PASSWD=onaponap
+SUBJ=/C=PL/ST=DL/L=Wroclaw/O=Nokia/OU=MANO
+CA=trust
+
+sign: $(FILE).crt
+
+clean:
+ rm -f *.crt *.key *.srl *.csr *.pkcs12
+
+generate-ca-certificate: $(CA).crt
+
+generate-private-key: $(FILE).key
+
+create-public-key: $(FILE).pub
+
+create-sign-request: $(FILE).csr
+
+create-key-store: $(FILE).ks.pkcs12
+
+create-trust-store: $(CA).crt
+ openssl pkcs12 -export -in $(CA).crt -CAfile $(CA).crt -out $(CA).pkcs12 -nokeys -noiter -nomaciter -passout pass:$(PASSWD)
+
+$(CA).crt:
+ openssl req -new -x509 -keyout $(CA).key -out $(CA).crt -days 365 -passout pass:$(CA_PASSWD) -subj "$(SUBJ)"
+
+$(FILE).key:
+ openssl genpkey -algorithm RSA -out $(FILE).key -pkeyopt rsa_keygen_bits:2048
+
+$(FILE).pub: $(FILE).key
+ openssl x509 -req -days 360 -in client.csr -CA $(CA).crt -CAkey $(CA).key -CAcreateserial -out client.crt
+
+$(FILE).csr: $(FILE).key
+ openssl req -new -sha256 -key $(FILE).key -out $(FILE).csr -subj "$(SUBJ)"
+
+$(FILE).crt: $(CA).crt $(FILE).csr
+ openssl x509 -req -days 360 -in $(FILE).csr -CA $(CA).crt -CAkey $(CA).key -out $(FILE).crt -CAcreateserial -passin pass:$(CA_PASSWD)
+
+$(FILE).ks.pkcs12: $(FILE).key $(FILE).crt $(CA).crt
+ openssl pkcs12 -export -in $(FILE).crt -inkey $(FILE).key -CAfile $(CA).crt -out $(FILE).ks.pkcs12 -noiter -nomaciter -passout pass:$(PASSWD)