Eclipse
/
jetty.project
mirror of https://github.com/jetty/jetty.project.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

#9397 fix keystores with invalid Subject Alternate Names 

Signed-off-by: Ludovic Orban <lorban@bitronix.be>
This commit is contained in:
Ludovic Orban 2023-05-16 14:47:03 +02:00
parent b3b1d93152
commit e30b23aca6
13 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

BIN
jetty-client/src/test/resources/client_keystore.p12
View File

Binary file not shown.

BIN
jetty-client/src/test/resources/keystore.p12
View File

Binary file not shown.

2
jetty-client/src/test/resources/readme_keystores.txt
View File

@ -3,7 +3,7 @@ Since OpenJDK 13.0.2/11.0.6 it is required that CA certificates have the extensi
The keystores are generated in the following way:
# Generates the server keystore. Note the BasicConstraint=CA:true extension.
$ keytool -v -genkeypair -validity 36500 -keyalg RSA -keysize 2048 -keystore keystore.p12 -storetype pkcs12 -dname "CN=localhost, OU=Jetty, O=Webtide, L=Omaha, S=NE, C=US" -ext bc=ca:true -ext san=ip:127.0.0.1,ip:[::1]
$ keytool -v -genkeypair -validity 36500 -keyalg RSA -keysize 2048 -keystore keystore.p12 -storetype pkcs12 -dname "CN=localhost, OU=Jetty, O=Webtide, L=Omaha, S=NE, C=US" -ext bc=ca:true -ext san=ip:127.0.0.1,ip:[::1],dns:localhost
# Export the server certificate.
$ keytool -v -export -keystore keystore.p12 -rfc -file server.crt

BIN
jetty-http2/http2-client/src/test/resources/keystore.p12
View File

Binary file not shown.

BIN
jetty-http3/http3-tests/src/test/resources/keystore.p12
View File

Binary file not shown.

BIN
jetty-quic/quic-client/src/test/resources/keystore.p12
View File

Binary file not shown.

2
jetty-quic/quic-quiche/quic-quiche-foreign-incubator/src/test/java/org/eclipse/jetty/quic/quiche/foreign/incubator/LowLevelQuicheTest.java
View File

@ -287,7 +287,7 @@ public class LowLevelQuicheTest
for (String proto : clientQuicheConfig.getApplicationProtos())
protosLen += 1 + proto.getBytes(StandardCharsets.UTF_8).length;
drainServerToFeedClient(entry, 300 + protosLen);
drainServerToFeedClient(entry, 420 + protosLen);
assertThat(serverQuicheConnection.isConnectionEstablished(), is(false));
assertThat(clientQuicheConnection.isConnectionEstablished(), is(true));

BIN
jetty-quic/quic-quiche/quic-quiche-foreign-incubator/src/test/resources/keystore.p12
View File

Binary file not shown.

2
jetty-quic/quic-quiche/quic-quiche-jna/src/test/java/org/eclipse/jetty/quic/quiche/jna/LowLevelQuicheTest.java
View File

@ -286,7 +286,7 @@ public class LowLevelQuicheTest
for (String proto : clientQuicheConfig.getApplicationProtos())
protosLen += 1 + proto.getBytes(LibQuiche.CHARSET).length;
drainServerToFeedClient(entry, 300 + protosLen);
drainServerToFeedClient(entry, 420 + protosLen);
assertThat(serverQuicheConnection.isConnectionEstablished(), is(false));
assertThat(clientQuicheConnection.isConnectionEstablished(), is(true));

BIN
jetty-quic/quic-quiche/quic-quiche-jna/src/test/resources/keystore.p12
View File

Binary file not shown.

BIN
jetty-quic/quic-server/src/test/resources/keystore.p12
View File

Binary file not shown.

BIN
jetty-server/src/test/resources/keystore.p12
View File

Binary file not shown.

BIN
tests/test-http-client-transport/src/test/resources/keystore.p12
View File

Binary file not shown.