Apache/activemq-artemis
1
0
Fork 0
mirror of https://github.com/apache/activemq-artemis.git synced 2025-03-05 17:00:17 +00:00
Code Issues Packages Projects Releases Wiki Activity

ARTEMIS-1882 verify PKCS12 keystores work

Browse Source
This commit is contained in:
Justin Bertram 2018-05-23 13:12:44 -05:00 committed by Clebert Suconic
parent e6d2607494
commit 3602713a7e
12 changed files with 40 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
tests/integration-tests/src/test/java/org/apache/activemq/artemis/tests/integration/ssl/CoreClientOverOneWaySSLTest.java
View File

@ -58,13 +58,18 @@ public class CoreClientOverOneWaySSLTest extends ActiveMQTestBase {
@Parameterized.Parameters(name = "storeType={0}")
public static Collection getParameters() {
return Arrays.asList(new Object[][]{{"JCEKS"}, {"JKS"}});
return Arrays.asList(new Object[][]{{"JCEKS"}, {"JKS"}, {"PKCS12"}});
}
public CoreClientOverOneWaySSLTest(String storeType) {
this.storeType = storeType;
SERVER_SIDE_KEYSTORE = "server-side-keystore." + storeType.toLowerCase();
CLIENT_SIDE_TRUSTSTORE = "client-side-truststore." + storeType.toLowerCase();
String suffix = storeType.toLowerCase();
// keytool expects PKCS12 stores to use the extension "p12"
if (storeType.equals("PKCS12")) {
suffix = "p12";
}
SERVER_SIDE_KEYSTORE = "server-side-keystore." + suffix;
CLIENT_SIDE_TRUSTSTORE = "client-side-truststore." + suffix;
}
public static final SimpleString QUEUE = new SimpleString("QueueOverSSL");
@ -97,6 +102,19 @@ public class CoreClientOverOneWaySSLTest extends ActiveMQTestBase {
* keytool -genkey -keystore verified-server-side-keystore.jceks -storetype JCEKS -storepass secureexample -keypass secureexample -dname "CN=localhost, OU=Artemis, O=ActiveMQ, L=AMQ, S=AMQ, C=AMQ"
* keytool -export -keystore verified-server-side-keystore.jceks -file activemq-jceks.cer -storetype jceks -storepass secureexample
* keytool -import -keystore verified-client-side-truststore.jceks -storetype JCEKS -file activemq-jceks.cer -storepass secureexample -keypass secureexample -noprompt
*
* Commands to create the PKCS12 artifacts:
* keytool -genkey -keystore server-side-keystore.p12 -storetype PKCS12 -storepass secureexample -keypass secureexample -dname "CN=ActiveMQ Artemis Server, OU=Artemis, O=ActiveMQ, L=AMQ, S=AMQ, C=AMQ" -keyalg RSA
* keytool -export -keystore server-side-keystore.p12 -file activemq-p12.cer -storetype PKCS12 -storepass secureexample
* keytool -import -keystore client-side-truststore.p12 -storetype PKCS12 -file activemq-p12.cer -storepass secureexample -keypass secureexample -noprompt
*
* keytool -genkey -keystore other-server-side-keystore.p12 -storetype PKCS12 -storepass secureexample -keypass secureexample -dname "CN=Other ActiveMQ Artemis Server, OU=Artemis, O=ActiveMQ, L=AMQ, S=AMQ, C=AMQ" -keyalg RSA
* keytool -export -keystore other-server-side-keystore.p12 -file activemq-p12.cer -storetype PKCS12 -storepass secureexample
* keytool -import -keystore other-client-side-truststore.p12 -storetype PKCS12 -file activemq-p12.cer -storepass secureexample -keypass secureexample -noprompt
*
* keytool -genkey -keystore verified-server-side-keystore.p12 -storetype PKCS12 -storepass secureexample -keypass secureexample -dname "CN=localhost, OU=Artemis, O=ActiveMQ, L=AMQ, S=AMQ, C=AMQ" -keyalg RSA
* keytool -export -keystore verified-server-side-keystore.p12 -file activemq-p12.cer -storetype PKCS12 -storepass secureexample
* keytool -import -keystore verified-client-side-truststore.p12 -storetype PKCS12 -file activemq-p12.cer -storepass secureexample -keypass secureexample -noprompt
*/
private String storeType;
private String SERVER_SIDE_KEYSTORE;

24
tests/integration-tests/src/test/java/org/apache/activemq/artemis/tests/integration/ssl/CoreClientOverTwoWaySSLTest.java
View File

@ -58,15 +58,20 @@ public class CoreClientOverTwoWaySSLTest extends ActiveMQTestBase {
@Parameterized.Parameters(name = "storeType={0}")
public static Collection getParameters() {
return Arrays.asList(new Object[][]{{"JCEKS"}, {"JKS"}});
return Arrays.asList(new Object[][]{{"JCEKS"}, {"JKS"}, {"PKCS12"}});
}
public CoreClientOverTwoWaySSLTest(String storeType) {
this.storeType = storeType;
SERVER_SIDE_KEYSTORE = "server-side-keystore." + storeType.toLowerCase();
SERVER_SIDE_TRUSTSTORE = "server-side-truststore." + storeType.toLowerCase();
CLIENT_SIDE_TRUSTSTORE = "client-side-truststore." + storeType.toLowerCase();
CLIENT_SIDE_KEYSTORE = "client-side-keystore." + storeType.toLowerCase();
String suffix = storeType.toLowerCase();
// keytool expects PKCS12 stores to use the extension "p12"
if (storeType.equals("PKCS12")) {
suffix = "p12";
}
SERVER_SIDE_KEYSTORE = "server-side-keystore." + suffix;
SERVER_SIDE_TRUSTSTORE = "server-side-truststore." + suffix;
CLIENT_SIDE_TRUSTSTORE = "client-side-truststore." + suffix;
CLIENT_SIDE_KEYSTORE = "client-side-keystore." + suffix;
}
public static final SimpleString QUEUE = new SimpleString("QueueOverSSL");
@ -91,6 +96,15 @@ public class CoreClientOverTwoWaySSLTest extends ActiveMQTestBase {
* keytool -genkey -keystore verified-client-side-keystore.jceks -storetype JCEKS -storepass secureexample -keypass secureexample -dname "CN=localhost, OU=Artemis, O=ActiveMQ, L=AMQ, S=AMQ, C=AMQ" -keyalg RSA
* keytool -export -keystore verified-client-side-keystore.jceks -file activemq-jceks.cer -storetype jceks -storepass secureexample
* keytool -import -keystore verified-server-side-truststore.jceks -storetype JCEKS -file activemq-jceks.cer -storepass secureexample -keypass secureexample -noprompt
*
* Commands to create the PKCS12 artifacts:
* keytool -genkey -keystore client-side-keystore.p12 -storetype PKCS12 -storepass secureexample -keypass secureexample -dname "CN=ActiveMQ Artemis Client, OU=Artemis, O=ActiveMQ, L=AMQ, S=AMQ, C=AMQ" -keyalg RSA
* keytool -export -keystore client-side-keystore.p12 -file activemq-p12.cer -storetype PKCS12 -storepass secureexample
* keytool -import -keystore server-side-truststore.p12 -storetype PKCS12 -file activemq-p12.cer -storepass secureexample -keypass secureexample -noprompt
*
* keytool -genkey -keystore verified-client-side-keystore.p12 -storetype PKCS12 -storepass secureexample -keypass secureexample -dname "CN=localhost, OU=Artemis, O=ActiveMQ, L=AMQ, S=AMQ, C=AMQ" -keyalg RSA
* keytool -export -keystore verified-client-side-keystore.p12 -file activemq-p12.cer -storetype PKCS12 -storepass secureexample
* keytool -import -keystore verified-server-side-truststore.p12 -storetype PKCS12 -file activemq-p12.cer -storepass secureexample -keypass secureexample -noprompt
*/
private String storeType;

BIN
tests/unit-tests/src/test/resources/client-side-keystore.p12 Normal file
View File

Binary file not shown.

BIN
tests/unit-tests/src/test/resources/client-side-truststore.p12 Normal file
View File

Binary file not shown.

BIN
tests/unit-tests/src/test/resources/other-client-side-truststore.p12 Normal file
View File

Binary file not shown.

BIN
tests/unit-tests/src/test/resources/other-server-side-keystore.p12 Normal file
View File

Binary file not shown.

BIN
tests/unit-tests/src/test/resources/server-side-keystore.p12 Normal file
View File

Binary file not shown.

BIN
tests/unit-tests/src/test/resources/server-side-truststore.p12 Normal file
View File

Binary file not shown.

BIN
tests/unit-tests/src/test/resources/verified-client-side-keystore.p12 Normal file
View File

Binary file not shown.

BIN
tests/unit-tests/src/test/resources/verified-client-side-truststore.p12 Normal file
View File

Binary file not shown.

BIN
tests/unit-tests/src/test/resources/verified-server-side-keystore.p12 Normal file
View File

Binary file not shown.

BIN
tests/unit-tests/src/test/resources/verified-server-side-truststore.p12 Normal file
View File

Binary file not shown.