Gravitee.io Common

Unit tests

Generate keystores

This section presents how to generate the different keystores use by the unit tests.

Generate Certificate Authority

openssl req -newkey rsa:4096 -keyform PEM -keyout ca.key -x509 -days 36500 -subj "/[email protected]/CN=unit-tests/OU=GraviteeSource/O=GraviteeSource/L=Lille/ST=France/C=FR" -passout pass:ca-secret -outform PEM -out ca.pem
openssl pkcs12 -export -inkey ca.key -in ca.pem -out ca.p12 -passin pass:ca-secret -passout pass:ca-secret -name ca

Generate localhost keystore

openssl genrsa -out localhost.key 4096
openssl req -new -key localhost.key -out localhost.csr -sha256 -subj "/[email protected]/CN=localhost/OU=GraviteeSource/O=GraviteeSource/L=Lille/ST=France/C=FR"
openssl x509 -req -in localhost.csr -CA ca.pem -CAkey ca.key -set_serial 100 -extensions server -days 36500 -outform PEM -out localhost.cer -sha256 -passin pass:ca-secret
openssl pkcs12 -export -inkey localhost.key -in localhost.cer -out localhost.p12 -passout pass:secret -name localhost
keytool -importkeystore -srckeystore localhost.p12 -destkeystore localhost.jks -srcstoretype PKCS12 -deststoretype JKS -srcstorepass secret -deststorepass secret -v

Generate localhost2 keystore

openssl genrsa -out localhost2.key 4096
openssl req -new -key localhost2.key -out localhost2.csr -sha256 -subj "/[email protected]/CN=localhost2/OU=GraviteeSource/O=GraviteeSource/L=Lille/ST=France/C=FR"
openssl x509 -req -in localhost2.csr -CA ca.pem -CAkey ca.key -set_serial 100 -extensions server -days 36500 -outform PEM -out localhost2.cer -sha256 -passin pass:ca-secret
openssl pkcs12 -export -inkey localhost2.key -in localhost2.cer -out localhost2.p12 -passout pass:secret -name localhost2
keytool -importkeystore -srckeystore localhost2.p12 -destkeystore localhost2.jks -srcstoretype PKCS12 -deststoretype JKS -srcstorepass secret -deststorepass secret -v

Generate localhost3 keystore with SAN (Subject Alternative Name)

echo "[ req ]\ndistinguished_name = req_distinguished_name\nreq_extensions = v3_req\nextensions = server\nprompt = no\nO = GraviteeSource\nL = Lille\nST = France\n\n[ v3_req ]\nsubjectAltName = @alt_names\n[alt_names]\nDNS.1 = xyz.localhost.com" > localhost3-san.cnf
openssl genrsa -out localhost3.key 4096
openssl req -new -key localhost3.key -out localhost3.csr -sha256 -subj "/[email protected]/CN=localhost3/OU=GraviteeSource/O=GraviteeSource/L=Lille/ST=France/C=FR"
openssl x509 -req -in localhost3.csr -CA ca.pem -CAkey ca.key -set_serial 100 -extensions server -days 36500 -outform PEM -out localhost3.cer -sha256 -passin pass:ca-secret -extensions v3_req -extfile localhost3-san.cnf
openssl pkcs12 -export -inkey localhost3.key -in localhost3.cer -out localhost3.p12 -passout pass:secret -name localhost3
keytool -importkeystore -srckeystore localhost3.p12 -destkeystore localhost3.jks -srcstoretype PKCS12 -deststoretype JKS -srcstorepass secret -deststorepass secret -v

Generate wildcard keystore

openssl genrsa -out wildcard.key 4096
penssl req -new -key wildcard.key -out wildcard.csr -sha256 -subj "/[email protected]/CN=*.localhost.com/OU=GraviteeSource/O=GraviteeSource/L=Lille/ST=France/C=FR"
openssl x509 -req -in wildcard.csr -CA ca.pem -CAkey ca.key -set_serial 100 -extensions server -days 36500 -outform PEM -out wildcard.cer -sha256 -passin pass:ca-secret
openssl pkcs12 -export -inkey wildcard.key -in wildcard.cer -out wildcard.p12 -passout pass:secret -name wildcard
keytool -importkeystore -srckeystore wildcard.p12 -destkeystore wildcard.jks -srcstoretype PKCS12 -deststoretype JKS -srcstorepass secret -deststorepass secret -v

Create an all-in-one keystore

keytool -importkeystore -srckeystore localhost.p12 -destkeystore all-in-one.p12 -srcstoretype PKCS12 -deststoretype PKCS12 -srcstorepass secret -deststorepass secret -v
keytool -importkeystore -srckeystore localhost2.p12 -destkeystore all-in-one.p12 -srcstoretype PKCS12 -deststoretype PKCS12 -srcstorepass secret -deststorepass secret -v
keytool -importkeystore -srckeystore localhost3.p12 -destkeystore all-in-one.p12 -srcstoretype PKCS12 -deststoretype PKCS12 -srcstorepass secret -deststorepass secret -v
keytool -importkeystore -srckeystore wildcard.p12 -destkeystore all-in-one.p12 -srcstoretype PKCS12 -deststoretype PKCS12 -srcstorepass secret -deststorepass secret -v
keytool -importkeystore -srckeystore all-in-one.p12 -destkeystore all-in-one.jks -srcstoretype PKCS12 -deststoretype JKS -srcstorepass secret -deststorepass secret -v

Generate a PKCS#8 private key

openssl genpkey -out rsakey.pem -algorithm RSA -pkeyopt rsa_keygen_bits:2048

Name		Name	Last commit message	Last commit date
Latest commit History 366 Commits
.circleci		.circleci
.github		.github
src		src
.gitignore		.gitignore
.prettierrc		.prettierrc
CHANGELOG.md		CHANGELOG.md
CONTRIBUTING.adoc		CONTRIBUTING.adoc
LICENSE.txt		LICENSE.txt
README.adoc		README.adoc
pom.xml		pom.xml

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

Gravitee.io Common

Unit tests

Generate keystores

About

Releases 37

Packages

Contributors 22

Languages

License

gravitee-io/gravitee-common

Folders and files

Latest commit

History

Repository files navigation

Gravitee.io Common

Unit tests

Generate keystores

About

Topics

Resources

License

Stars

Watchers

Forks

Releases 37

Packages 0

Contributors 22

Languages

Packages