test: update active directory certificate

This change removes the old active directory certificate and replaces it with the AD
CA certificate that is valid until 2029 instead of needing to be changed yearly.

Closes elastic/elasticsearch#2440

Original commit: elastic/x-pack-elasticsearch@2f05bdfd01
This commit is contained in:
jaymode 2016-06-07 08:56:42 -04:00
parent 41ea6ee515
commit 370406bdc0
7 changed files with 24 additions and 41 deletions

View File

@ -6,7 +6,6 @@
package org.elasticsearch.shield.authc.activedirectory; package org.elasticsearch.shield.authc.activedirectory;
import com.unboundid.ldap.sdk.Filter; import com.unboundid.ldap.sdk.Filter;
import org.apache.lucene.util.LuceneTestCase;
import org.elasticsearch.common.settings.Settings; import org.elasticsearch.common.settings.Settings;
import org.elasticsearch.common.unit.TimeValue; import org.elasticsearch.common.unit.TimeValue;
import org.elasticsearch.shield.authc.ldap.GroupsResolverTestCase; import org.elasticsearch.shield.authc.ldap.GroupsResolverTestCase;
@ -23,7 +22,6 @@ import static org.hamcrest.Matchers.hasItem;
import static org.hamcrest.Matchers.is; import static org.hamcrest.Matchers.is;
@Network @Network
@LuceneTestCase.AwaitsFix(bugUrl = "https://github.com/elastic/x-plugins/issues/2440")
public class ActiveDirectoryGroupsResolverTests extends GroupsResolverTestCase { public class ActiveDirectoryGroupsResolverTests extends GroupsResolverTestCase {
public static final String BRUCE_BANNER_DN = "cn=Bruce Banner,CN=Users,DC=ad,DC=test,DC=elasticsearch,DC=com"; public static final String BRUCE_BANNER_DN = "cn=Bruce Banner,CN=Users,DC=ad,DC=test,DC=elasticsearch,DC=com";

View File

@ -217,7 +217,7 @@ public class ShieldSettingsSource extends ClusterDiscoveryConfiguration.UnicastZ
return getSSLSettingsForPEMFiles("/org/elasticsearch/shield/transport/ssl/certs/simple/testnode.pem", "testnode", return getSSLSettingsForPEMFiles("/org/elasticsearch/shield/transport/ssl/certs/simple/testnode.pem", "testnode",
Collections.singletonList("/org/elasticsearch/shield/transport/ssl/certs/simple/testnode.crt"), Collections.singletonList("/org/elasticsearch/shield/transport/ssl/certs/simple/testnode.crt"),
Arrays.asList("/org/elasticsearch/shield/transport/ssl/certs/simple/testnode-client-profile.crt", Arrays.asList("/org/elasticsearch/shield/transport/ssl/certs/simple/testnode-client-profile.crt",
"/org/elasticsearch/shield/transport/ssl/certs/simple/activedir.crt", "/org/elasticsearch/shield/transport/ssl/certs/simple/active-directory-ca.crt",
"/org/elasticsearch/shield/transport/ssl/certs/simple/testclient.crt", "/org/elasticsearch/shield/transport/ssl/certs/simple/testclient.crt",
"/org/elasticsearch/shield/transport/ssl/certs/simple/openldap.crt", "/org/elasticsearch/shield/transport/ssl/certs/simple/openldap.crt",
"/org/elasticsearch/shield/transport/ssl/certs/simple/testnode.crt"), "/org/elasticsearch/shield/transport/ssl/certs/simple/testnode.crt"),

View File

@ -0,0 +1,23 @@
-----BEGIN CERTIFICATE-----
MIID1zCCAr+gAwIBAgIQWA24rVK7FopAgOHfEio/VjANBgkqhkiG9w0BAQsFADB+
MRMwEQYKCZImiZPyLGQBGRYDY29tMR0wGwYKCZImiZPyLGQBGRYNZWxhc3RpY3Nl
YXJjaDEUMBIGCgmSJomT8ixkARkWBHRlc3QxEjAQBgoJkiaJk/IsZAEZFgJhZDEe
MBwGA1UEAxMVYWQtRUxBU1RJQ1NFQVJDSEFELUNBMB4XDTE0MDgyNzE2MjI0MloX
DTI5MDgyNzE2MzI0MlowfjETMBEGCgmSJomT8ixkARkWA2NvbTEdMBsGCgmSJomT
8ixkARkWDWVsYXN0aWNzZWFyY2gxFDASBgoJkiaJk/IsZAEZFgR0ZXN0MRIwEAYK
CZImiZPyLGQBGRYCYWQxHjAcBgNVBAMTFWFkLUVMQVNUSUNTRUFSQ0hBRC1DQTCC
ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALNNZsDJ+lhsE/pCIkNlq6/F
xwv3PU2M+E1/SbWrLEtfbb1ATnn98DwxjpCj00wS0bt26/7zrhHKyX5LaxyS27ER
8bKpLSO4qcVWzDIQnVNk2XfBrYS/Og+6Pi/Lw/ylt/vE++kHWIJBc4O6i+pPByOM
oypM6bh71kTkpK8OTPqf+HiPp0qKhRah6XVtqTc+kOCOku2+wkELbCz8RNzF9ca6
Uu3YxLi73pNdk0wDTmg6JVaUyVRpSkjJH4BAp9SVma6Rxy6tbh4e5P+8K8lY9ptM
TBzTsDS1EhNK/92xULfQbGT814Z294pF3ARMEJ89N+aegS++kz7CqjciZ1+bA6EC
AwEAAaNRME8wCwYDVR0PBAQDAgGGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYE
FIEKG0KdSVNknKcMZkbTlKo7N8MjMBAGCSsGAQQBgjcVAQQDAgEAMA0GCSqGSIb3
DQEBCwUAA4IBAQBgbWBXPbEMTEsiVWzoxmTw1wJASBdPahx6CggutjGq3ASjby4p
nVCTwE4xdDEVyFGmeslSp9+23XjBuaiqVPtYw8P8hnG269J0q4cOF/VXOccRLeOw
HVDBv2a7xzgBSwc1KB50TLv07stcBmBYNu8anN6EwGksdgjb8IjRV6U3U+IvFNrI
rGifuIc/iRZD4Clhnpxw8tCsgcrcmz9CU7CN5RxKVEpZ6ou6ZjHO8l8H0t9zWrSI
PL+33iBGHNWlyU63N93XgJtxV1em1hHryLtTTtaVZJJ3R0OrLrUpG8SQ7zCUy62f
YtImFPClUMXY03yH+4DAhflueRvY/D1AKL12
-----END CERTIFICATE-----

View File

@ -1,38 +0,0 @@
-----BEGIN CERTIFICATE-----
MIIGkjCCBXqgAwIBAgITSwAAAAP/F57VuIEUDQAAAAAAAzANBgkqhkiG9w0BAQsF
ADB+MRMwEQYKCZImiZPyLGQBGRYDY29tMR0wGwYKCZImiZPyLGQBGRYNZWxhc3Rp
Y3NlYXJjaDEUMBIGCgmSJomT8ixkARkWBHRlc3QxEjAQBgoJkiaJk/IsZAEZFgJh
ZDEeMBwGA1UEAxMVYWQtRUxBU1RJQ1NFQVJDSEFELUNBMB4XDTE1MDcxNjE4MzI1
MFoXDTE2MDcxNTE4MzI1MFowODE2MDQGA1UEAxMtRWxhc3RpY1NlYXJjaEFkVGVz
dC5hZC50ZXN0LmVsYXN0aWNzZWFyY2guY29tMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAqO9hYAASE1ZFdTnm784j58JvpQySpx81LvecQl4gE4d2yJk6
9ibn8cgfGF+P+n/WRXwhb9C2oZeHnou2WokhDbw1Q+iOtRjIYP+P6s9KXBRaA71D
+yvFfgFSHl3k1gd+BP2KGdfrs4ElFX4uZCNFtYDH7LFDWT1Ens3cHcyxB+zGewmY
1xox2LrQcUPNu2XRoSFZUNulj1UOQgJXAuslyzUOt4Djmz1195hbYB6kaR9noZJn
mMyzWAMjAzEdF4/ivHWZR9BNFwwJXgwOKldbGiDuYi/x9XLrNoY5A2UZ1tlVB/Yv
k1o0e8gL+C2U0ZK1yp/qbxCYpB4fx4Tui8gyQwIDAQABo4IDTTCCA0kwLwYJKwYB
BAGCNxQCBCIeIABEAG8AbQBhAGkAbgBDAG8AbgB0AHIAbwBsAGwAZQByMB0GA1Ud
JQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDATAOBgNVHQ8BAf8EBAMCBaAweAYJKoZI
hvcNAQkPBGswaTAOBggqhkiG9w0DAgICAIAwDgYIKoZIhvcNAwQCAgCAMAsGCWCG
SAFlAwQBKjALBglghkgBZQMEAS0wCwYJYIZIAWUDBAECMAsGCWCGSAFlAwQBBTAH
BgUrDgMCBzAKBggqhkiG9w0DBzBZBgNVHREEUjBQoB8GCSsGAQQBgjcZAaASBBA6
UzhVceE7RKuubA/hfhl9gi1FbGFzdGljU2VhcmNoQWRUZXN0LmFkLnRlc3QuZWxh
c3RpY3NlYXJjaC5jb20wHQYDVR0OBBYEFIHEUmmmaXZ3cmIuSAgVikHSiKcqMB8G
A1UdIwQYMBaAFIEKG0KdSVNknKcMZkbTlKo7N8MjMIHzBgNVHR8EgeswgegwgeWg
geKggd+GgdxsZGFwOi8vL0NOPWFkLUVMQVNUSUNTRUFSQ0hBRC1DQSxDTj1FbGFz
dGljU2VhcmNoQWRUZXN0LENOPUNEUCxDTj1QdWJsaWMlMjBLZXklMjBTZXJ2aWNl
cyxDTj1TZXJ2aWNlcyxDTj1Db25maWd1cmF0aW9uLERDPWFkLERDPXRlc3QsREM9
ZWxhc3RpY3NlYXJjaCxEQz1jb20/Y2VydGlmaWNhdGVSZXZvY2F0aW9uTGlzdD9i
YXNlP29iamVjdENsYXNzPWNSTERpc3RyaWJ1dGlvblBvaW50MIHbBggrBgEFBQcB
AQSBzjCByzCByAYIKwYBBQUHMAKGgbtsZGFwOi8vL0NOPWFkLUVMQVNUSUNTRUFS
Q0hBRC1DQSxDTj1BSUEsQ049UHVibGljJTIwS2V5JTIwU2VydmljZXMsQ049U2Vy
dmljZXMsQ049Q29uZmlndXJhdGlvbixEQz1hZCxEQz10ZXN0LERDPWVsYXN0aWNz
ZWFyY2gsREM9Y29tP2NBQ2VydGlmaWNhdGU/YmFzZT9vYmplY3RDbGFzcz1jZXJ0
aWZpY2F0aW9uQXV0aG9yaXR5MA0GCSqGSIb3DQEBCwUAA4IBAQCP0mbcAsnw7qxt
jCSR38k0BteM0iEkR43ZrrBPLC/TlhULzC25EdFnZrb0cjd8UxTFEQo2UfTmw0Aj
IGe/N2CNvnwwq2hevK9IYAwQNj+0CB9LKdHztIBumxWj7a02rZpLSxuTMbljVEHT
yWGGDbndFUlAM6yOUAgHDiBLL9q2Ar6mqzd1XIs2MdqKbHgE8mhsmwm4vpKGg2hx
VfBYv/6RUw3M9+ep6PEGo6bYbcDbBMfLz4GR/hTm00MyhunYDYeuBUEn1SA/JOBK
c+Mcv8SNpQeAHIhdLYyzgIIqeBOFvz25kkPZvdHZzT4lNkSc7+v3pycrT7Pgk7s3
aGRGqK0c
-----END CERTIFICATE-----