summaryrefslogtreecommitdiff
path: root/test/certs
diff options
context:
space:
mode:
authorChris Evich <cevich@redhat.com>2019-03-20 13:28:53 -0400
committerChris Evich <cevich@redhat.com>2019-03-20 13:36:17 -0400
commit148046745ac76342c22fe025e1593bc45252512d (patch)
tree56b02fab50fff52ebaa0edf6f4cb69bf3cdae26f /test/certs
parentbae1561c992f5a5a96c69c072d21a3d416cd95b9 (diff)
downloadpodman-148046745ac76342c22fe025e1593bc45252512d.tar.gz
podman-148046745ac76342c22fe025e1593bc45252512d.tar.bz2
podman-148046745ac76342c22fe025e1593bc45252512d.zip
Add new key and never-expiring test certificate
Former `domain.crt` was created with a one-year life and expired causing all testing to fail. Create a replacement, along with configuration and documentation on how to make a new certificate if ever required. Signed-off-by: Chris Evich <cevich@redhat.com>
Diffstat (limited to 'test/certs')
-rw-r--r--test/certs/README.md9
-rw-r--r--test/certs/domain.cfg30
-rw-r--r--test/certs/domain.crt47
-rw-r--r--test/certs/domain.key45
4 files changed, 109 insertions, 22 deletions
diff --git a/test/certs/README.md b/test/certs/README.md
new file mode 100644
index 000000000..3aab01440
--- /dev/null
+++ b/test/certs/README.md
@@ -0,0 +1,9 @@
+# How to generate key and cert:
+
+## Make private key without a password
+
+certtool --rsa --generate-privkey --null-password --outfile=domain.key
+
+## Use ``domain.cfg`` template to make self-signed cert
+
+certtool --generate-self-signed --load-privkey=domain.key --template=domain.cfg --outfile=domain.crt --load-ca-privkey=domain.key --null-password --no-text
diff --git a/test/certs/domain.cfg b/test/certs/domain.cfg
new file mode 100644
index 000000000..5baeb5631
--- /dev/null
+++ b/test/certs/domain.cfg
@@ -0,0 +1,30 @@
+# X.509 Certificate options
+organization = "Koko inc."
+unit = "sleeping dept."
+locality = "foobar"
+state = "Attiki"
+country = GR
+cn = "Cindy Lauper"
+uid = "clauper"
+dc = "name"
+dc = "domain"
+serial = 1234
+dns_name = "localhost"
+# Use -1 if there is no expiration date.
+expiration_days = -1
+email = "none@none.org"
+signing_key
+encryption_key
+cert_signing_key
+crl_signing_key
+data_encipherment
+non_repudiation
+tls_www_client
+tls_www_server
+code_signing_key
+ocsp_signing_key
+time_stamping_key
+email_protection_key
+ipsec_ike_key
+# for any purpose (must not be used in intermediate CA certificates)
+key_purpose_oid = 2.5.29.37.0
diff --git a/test/certs/domain.crt b/test/certs/domain.crt
index 881fc124d..8a697d7b2 100644
--- a/test/certs/domain.crt
+++ b/test/certs/domain.crt
@@ -1,18 +1,33 @@
-----BEGIN CERTIFICATE-----
-MIIC3zCCAmSgAwIBAgIUdbnvx7lLf8OANP37QTKoxfNAl5EwCgYIKoZIzj0EAwMw
-gawxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRYwFAYDVQQHEw1T
-YW4gRnJhbmNpc2NvMSowKAYDVQQKEyFIb25lc3QgQWNobWVkJ3MgVXNlZCBDZXJ0
-aWZpY2F0ZXMxKTAnBgNVBAsTIEhhc3RpbHktR2VuZXJhdGVkIFZhbHVlcyBEaXZp
-c29uMRkwFwYDVQQDExBBdXRvZ2VuZXJhdGVkIENBMB4XDTE4MDMyMDExMDUwMFoX
-DTE5MDMyMDExMDUwMFowWzEVMBMGA1UEBxMMdGhlIGludGVybmV0MRYwFAYDVQQK
-Ew1hdXRvZ2VuZXJhdGVkMRQwEgYDVQQLEwtwb2RtYW4gdGVzdDEUMBIGA1UEAxML
-cG9kbWFuLXRlc3QwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAATA65F+T8sreSnTm+I2
-IjeKN8rb5W2j3QKXz8n9JkPWiWX16HGIWso1JWPhhjvpmVkfSzD91niQwrsm6PhP
-ypZUzkX5iL7JE8jVjflEiUbflSzc+fgT/scqRUUQ3evmqUCjgZYwgZMwDgYDVR0P
-AQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMB
-Af8EAjAAMB0GA1UdDgQWBBQCgkUh4aBOTl5KHettBluuE7rccDAfBgNVHSMEGDAW
-gBTPyUqMxUVdwC4K+kh9jHtnf7GrETAUBgNVHREEDTALgglsb2NhbGhvc3QwCgYI
-KoZIzj0EAwMDaQAwZgIxAKsrYLbXSJs473tlfX3OF/BmfTvDwBO5TfPoZ1yNDhVk
-UvoYn2szSEVMwR7uX1gKWgIxALz00G6umVkSh0MgIwSaYpJU/N1eVNgbIXRFV+5+
-lK/0jLWm4aAFkVhqUkkueTzG2g==
+MIIFozCCBAugAwIBAgICBNIwDQYJKoZIhvcNAQELBQAwgboxFTATBgNVBAMTDENp
+bmR5IExhdXBlcjEXMBUGCgmSJomT8ixkAQETB2NsYXVwZXIxFzAVBgNVBAsTDnNs
+ZWVwaW5nIGRlcHQuMRIwEAYDVQQKEwlLb2tvIGluYy4xDzANBgNVBAcTBmZvb2Jh
+cjEPMA0GA1UECBMGQXR0aWtpMQswCQYDVQQGEwJHUjEUMBIGCgmSJomT8ixkARkW
+BG5hbWUxFjAUBgoJkiaJk/IsZAEZFgZkb21haW4wIBcNMTkwMzIwMTcyNjI4WhgP
+OTk5OTEyMzEyMzU5NTlaMIG6MRUwEwYDVQQDEwxDaW5keSBMYXVwZXIxFzAVBgoJ
+kiaJk/IsZAEBEwdjbGF1cGVyMRcwFQYDVQQLEw5zbGVlcGluZyBkZXB0LjESMBAG
+A1UEChMJS29rbyBpbmMuMQ8wDQYDVQQHEwZmb29iYXIxDzANBgNVBAgTBkF0dGlr
+aTELMAkGA1UEBhMCR1IxFDASBgoJkiaJk/IsZAEZFgRuYW1lMRYwFAYKCZImiZPy
+LGQBGRYGZG9tYWluMIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKCAYEAsegi
+5zWmOYejptJSm32ZV7ttJxSycbCIF8/dGTigFwE9IWMitWWz5VyohVYKYYV0ZZTI
+SZOZFfL8ElQ6jTnHHxewWi/w1qINyTESGS2jOSBj3uXyGj94gXv9guzbWLNKAD8v
+4iUHYq/7zZPyLqtzFGep3kuKFlrTxsdjgho2NyiuCCLcm+H3dpBoI24QIp1vCIX/
+LCqaAfkxzMyF5sawL7H82gAfYhvGTFoLb5Dy3HdUwlhelTW746HSqtTb9fEqUjNZ
+MmBrCGexW8hN2WheIAoKOGc3UGZgpFj9q6LgWkVKsosZ9PhdxtOKH5XZrT6d5ZFb
+HSfpsxZ0LMLDUK/H+kJaFJaSl0HyxbyZMDExtjCjLzk81+A9t9jkh8Jnag9Ylpec
+ZHxKKl3K7lJuq7s69uKbN9XbTTUkmw4AMa7WdNadj/t8SfpM3ZxZWzX6U81wQg0Z
+Zb/fKxu8lAMZNxfgW7bnaIUBAFzNd4AE/mCOO941v8cizXCNBZ5EyZGVIhxtAgMB
+AAGjga4wgaswVQYDVR0lBE4wTAYEVR0lAAYIKwYBBQUHAwIGCCsGAQUFBwMBBggr
+BgEFBQcDEQYIKwYBBQUHAwkGCCsGAQUFBwMDBggrBgEFBQcDCAYIKwYBBQUHAwQw
+DAYDVR0TAQH/BAIwADAUBgNVHREEDTALgglsb2NhbGhvc3QwDwYDVR0PAQH/BAUD
+AwfwADAdBgNVHQ4EFgQU28OkcdKIoWfHK19QXiFCYud345YwDQYJKoZIhvcNAQEL
+BQADggGBAJyA0YiSiCzVS6M+/2hEvKamlYUz6L7pb5fdlQ3dPL/KlbUPc31bLD7b
+G3Su9iz1bL1qVGebgoJTEDOD/6F9DbMY4Nsh4oe1rS+eBZe6fG6VnaxE4U2XIWKD
+0aijGGfUvEB8W66BtCrtjY3bAb9v1OLvLxktd9do4ACjskq+q+CE/8ID9tCkAn8J
+q0aHv5a5H3bPu3WGuiifZHER+08OwEsO7jsnZAJdgrAK8D0Rodd1rbdIFh2klu1p
+LOCCMhgrQtCFVhoqWA2XaGexqmlTTXjabFDyMA8RvdKozwLSpyMMHJX6Q38Wdr8Z
+nAXfqkCAcXuVwk2llAW7f073Ze3xFWUiW6gH0w7H1KvHHkglBM4H3HyG2T2pu9lb
+mrqRRnfx2AuQplUrFVvz5V7sKmTwZCPueXkfcv/+6bxcLA0N0p3Dk+LGc2JzBLFb
+n6AzrjKwiEg5ri4dQEuaYnJAYDvp+/vo4AEPrUc9nKwOo1h+3rAY2ZkuCy06/3cj
+nzp56Tpaaw==
-----END CERTIFICATE-----
diff --git a/test/certs/domain.key b/test/certs/domain.key
index b0f15eb75..4fe293cac 100644
--- a/test/certs/domain.key
+++ b/test/certs/domain.key
@@ -1,6 +1,39 @@
------BEGIN EC PRIVATE KEY-----
-MIGkAgEBBDB7ZI5Q6dOSwOqpJ2FVlFuDJN/sJB3epR2S+rOvCPua+rQ8uv6lpZDx
-CQ4ioUMFo6agBwYFK4EEACKhZANiAATA65F+T8sreSnTm+I2IjeKN8rb5W2j3QKX
-z8n9JkPWiWX16HGIWso1JWPhhjvpmVkfSzD91niQwrsm6PhPypZUzkX5iL7JE8jV
-jflEiUbflSzc+fgT/scqRUUQ3evmqUA=
------END EC PRIVATE KEY-----
+-----BEGIN RSA PRIVATE KEY-----
+MIIG4gIBAAKCAYEAsegi5zWmOYejptJSm32ZV7ttJxSycbCIF8/dGTigFwE9IWMi
+tWWz5VyohVYKYYV0ZZTISZOZFfL8ElQ6jTnHHxewWi/w1qINyTESGS2jOSBj3uXy
+Gj94gXv9guzbWLNKAD8v4iUHYq/7zZPyLqtzFGep3kuKFlrTxsdjgho2NyiuCCLc
+m+H3dpBoI24QIp1vCIX/LCqaAfkxzMyF5sawL7H82gAfYhvGTFoLb5Dy3HdUwlhe
+lTW746HSqtTb9fEqUjNZMmBrCGexW8hN2WheIAoKOGc3UGZgpFj9q6LgWkVKsosZ
+9PhdxtOKH5XZrT6d5ZFbHSfpsxZ0LMLDUK/H+kJaFJaSl0HyxbyZMDExtjCjLzk8
+1+A9t9jkh8Jnag9YlpecZHxKKl3K7lJuq7s69uKbN9XbTTUkmw4AMa7WdNadj/t8
+SfpM3ZxZWzX6U81wQg0ZZb/fKxu8lAMZNxfgW7bnaIUBAFzNd4AE/mCOO941v8ci
+zXCNBZ5EyZGVIhxtAgMBAAECggGAfvporw2jrrwZGiBTxZdHs06bAaHMG0kcWaKK
+9E1uNf00XHgddcs5MyOHRGO81Q4jnb0rlxg502iycYKcp9/tN0v5GuXMx+SyYj8b
+48ynC0cLATSuL/3NTN3qe2ACzrRoxPRUgNxdARsKZhiKarUEVjQHEhpoXLxHG0GE
+zH9Y4tWuITCAtOH7dixrp54O9iXX8gVxs1xUv8PUv4/aonR9nA01o4Mi4ytfxW8f
+amnSbXjejjf0ihroF/iQHE4BEPEnSw/noudboZqW1fX30QJsbk13VH9BGIN2zQ06
+vnDU/VrUYfgKNGSjaeECaN7iZQ7nekzSomKFGm8yoLpgsFYjpqnGhyplDY1jE/J3
+BL4r7PVeUWiQdLqkjLxeAhcySUjGvt79UsX0N8Oa3dgOGUHz3H986l3G9Hlcgvnc
+L18qzsyIo4WNFrLAWt3nwiWM8Olj3Y6S3S8EiBeXVe1g+nuYBFwLFDCkw26WhtJ0
+sy90q6pRvL1MXOq2etcT5RcNfichAoHBANXES2CtpE7GdgAnVpYoBUng0n8qieTG
+qLkkPx5E9pr64c3pUqXVGjFY0XvZ16x0UMOC2+V1DuLea2WyPO0FmitWEXH7xfVN
+KM+3ORT5afSG0fhaIDvkPdG3QwfGZCib9g5ZOR0rxnDHVAzCx242YITUa8rn8158
+tpH0nDsvvAnVeUIMHOq5DO7zx1jcPQtcWP4vF3a37j2dOgBe4c7CCMOpP8gCGVlX
+Okr6HtNoKiKA4n5NbJNo+BKAJ8o7NrHdNwKBwQDVDiWqYve2kyGcRSowJk9gHH1f
+Ls+0MP6gLvdRoIhAihrNLws8fhI/mLBxHTBCogoumU5nWavZyKqDTf0dRJSKgQfJ
+hdkRPVWIy6crshtSRZ+dX7yFKAnXU+D+cgcximonA4Uza0WFh9OP4702VpcdlFQ8
+qmKZvFI1orLw37h8ej/Bk4MeocDBWjpa5Q/0Nk7JsuwyW/OadXM48NfJM88ZrEi/
+ZuDjNIshynG3tddoIs0nNfkoslFGOzxpMFnbRXsCgcBpEkwOoCsUAV684pkfw1oe
+HyC4GtuelLsYDaXspe8k7E4THS1fj6iJOuP04XWuMZoFD4wwc+I2Ryc43GwwAMHv
+rSV0BlIeKaf2uVOYaKPY6m/Ih9wyNBTiwRZ0euJ+R3KhSN/W485tXryEbTUDijzU
+7WhyWqJ3/grrIPWt7d+aYdBxU2zfPsgJp8+DcPWcYO7pOZJp6yxyIpcA2aJaM2uF
+aOqNz+JP1J01f02pkhirzvgFJt9IcZ8F0PI95+8Ra+8CgcAD6tesc1dkpv3mNqtY
+6UtqU/vGJUEyafg0j8iCWrZGoYNupF/Lg/Hn83HDEqtRflM7mhwD8HUlcvgXo/Z0
+dE9a4JZ5ERn1pDAPbNctCYBRGfCeXyVDOYI80FEBvKz/LzFWeE0Zre5AT0gHjENt
+XVg39gM6flODyh+k1tH9dc+ZklHbyE+P35+Arp0GENIjRmBaewy2vFQVUfWFZYBC
+Nc6oBS/tPQIDi3LHc0Z1/0TvqDwnbWmgYu71oJ8yu+3bB0MCgcB0katYynavMg3W
+w15sH/1+be5dFTXZoiajjqXmYDNkZzyLoghteu/eyxqFw8Au4hyVy5koYHN/jrzf
+1ZfXFCs3P5asCAptTH3kwgT/ER58KPOoq7cGEaut9eQ1UAc8E34b/ZISbTl/Zw05
+swOMC6ipzn70kNoPcjJN2ujSUCD9t0NKyyCAKokjFICGpCHDOdOwqtZRbKFVFSix
+/T4HAV9puGT6kDMCtjLyZ+fUOf9hgCHK3sBkBt5XrU8j6Wf/zyg=
+-----END RSA PRIVATE KEY-----