diff --git a/spring-security-modules/spring-security-x509/README.md b/spring-security-modules/spring-security-x509/README.md index b1eb0debf5..da431d862c 100644 --- a/spring-security-modules/spring-security-x509/README.md +++ b/spring-security-modules/spring-security-x509/README.md @@ -4,3 +4,10 @@ This module contains articles about X.509 authentication with Spring Security ### Relevant Articles: - [X.509 Authentication in Spring Security](https://www.baeldung.com/x-509-authentication-in-spring-security) + +###### Note for the [X.509 Authentication in Spring Security](https://www.baeldung.com/x-509-authentication-in-spring-security): +All the ready to use certificates are located in the [store](store) directory. The application is already configured to use these files. +This means the app works out of the box. + +However, it's highly recommended that you follow the article step by step and generate all the needed files by yourself. +This will let you understand the topic more deeply. \ No newline at end of file diff --git a/spring-security-modules/spring-security-x509/spring-security-x509-basic-auth/src/main/resources/application.properties b/spring-security-modules/spring-security-x509/spring-security-x509-basic-auth/src/main/resources/application.properties index 208cc90b47..0ba5fa1b8c 100644 --- a/spring-security-modules/spring-security-x509/spring-security-x509-basic-auth/src/main/resources/application.properties +++ b/spring-security-modules/spring-security-x509/spring-security-x509-basic-auth/src/main/resources/application.properties @@ -1,4 +1,4 @@ -server.ssl.key-store=store/keystore.jks +server.ssl.key-store=../store/keystore.jks server.ssl.key-store-password=changeit server.ssl.key-alias=localhost server.ssl.key-password=changeit diff --git a/spring-security-modules/spring-security-x509/spring-security-x509-client-auth/src/main/resources/application.properties b/spring-security-modules/spring-security-x509/spring-security-x509-client-auth/src/main/resources/application.properties index b841a37916..fc2fc89396 100644 --- a/spring-security-modules/spring-security-x509/spring-security-x509-client-auth/src/main/resources/application.properties +++ b/spring-security-modules/spring-security-x509/spring-security-x509-client-auth/src/main/resources/application.properties @@ -1,4 +1,4 @@ -server.ssl.key-store=store/keystore.jks +server.ssl.key-store=../store/keystore.jks server.ssl.key-store-password=changeit server.ssl.key-alias=localhost server.ssl.key-password=changeit @@ -6,6 +6,6 @@ server.ssl.enabled=true server.port=8443 spring.security.user.name=Admin spring.security.user.password=admin -server.ssl.trust-store=store/truststore.jks +server.ssl.trust-store=../store/truststore.jks server.ssl.trust-store-password=changeit server.ssl.client-auth=need \ No newline at end of file diff --git a/spring-security-modules/spring-security-x509/store/clientBob.p12 b/spring-security-modules/spring-security-x509/store/clientBob.p12 index e5d6dbcefb..b5de8ab129 100644 Binary files a/spring-security-modules/spring-security-x509/store/clientBob.p12 and b/spring-security-modules/spring-security-x509/store/clientBob.p12 differ diff --git a/spring-security-modules/spring-security-x509/store/keystore.jks b/spring-security-modules/spring-security-x509/store/keystore.jks index 8650651a1e..c317c1d5ba 100644 Binary files a/spring-security-modules/spring-security-x509/store/keystore.jks and b/spring-security-modules/spring-security-x509/store/keystore.jks differ diff --git a/spring-security-modules/spring-security-x509/store/localhost.ext b/spring-security-modules/spring-security-x509/store/localhost.ext new file mode 100644 index 0000000000..45324cc75a --- /dev/null +++ b/spring-security-modules/spring-security-x509/store/localhost.ext @@ -0,0 +1,5 @@ +authorityKeyIdentifier=keyid,issuer +basicConstraints=CA:FALSE +subjectAltName = @alt_names +[alt_names] +DNS.1 = localhost diff --git a/spring-security-modules/spring-security-x509/store/rootCA.crt b/spring-security-modules/spring-security-x509/store/rootCA.crt index 12677eb99f..b2ab681744 100644 --- a/spring-security-modules/spring-security-x509/store/rootCA.crt +++ b/spring-security-modules/spring-security-x509/store/rootCA.crt @@ -1,30 +1,30 @@ -----BEGIN CERTIFICATE----- -MIIFDzCCAvegAwIBAgIUHBIbl/8i0uLnPD8BuNHninzcqEMwDQYJKoZIhvcNAQEL -BQAwFzEVMBMGA1UEAwwMQmFlbGR1bmcuY29tMB4XDTIwMDQxOTE2MTYyOFoXDTMw -MDQxNzE2MTYyOFowFzEVMBMGA1UEAwwMQmFlbGR1bmcuY29tMIICIjANBgkqhkiG -9w0BAQEFAAOCAg8AMIICCgKCAgEAx5UzDt8Q+p8fAERc8mb8vPJTMi1oTe3YsMjj -QsMpRJBjVyQ2BLe0AzevQjDthCD56sv+u6EoBibIDQ3rtXUpTi20XQU6aaU6tsmG -QBp/PapXU0qoRzoyTPjSpkjp8/VngH52adeQ0YFSQQfxzcFsEpIlceKC8bSqplQg -mM9GoRLzEHu8JoLtHHQvZhTZabB/t0SUNy6O848OmoEjW2PCyMG/XczP0BlSFDT/ -3FIJlTnKe+MfhXxbYuydQQbStoDuRqkHxprjRaCT/PXeEuW68FahyiTgeKL5Ite9 -NI0k37mRsO/gMPIMgJDU0Soz0zcaRZdQDrxTZBk43i2O/LSwPtcpxvOy5JCLJSP7 -Ff6yx6BkkIAxLrWZGIQ0DiL4L+XocjEy3WMhzQ/ka6M1Zi0JxCRBOPpV2yO1GE7U -NUVvHaHijiJlXGZ/YGzplkLGaPIPGLHRsJFf9+IDepyJ9+E2mKD1rXAYXrcGW/Hk -Is1A2Je0iH4IjYTrieMSuHG4Jb0fytMAPoFOXnLS18xv7CPX0m9M2OIL9/kFfI+f -4M7/mEOUwQw+Jt9EAz9QsjUdZ0ybT0gtq9GaIHBo844YbyEKe7Hzp5Msk4/+3qJz -FHyC8ay73jkLDv1jOKr9D/wd/TOfSrytktcP+y96+gUdp1RxMxv9hfFSAZ0lXd2E -X18X6RECAwEAAaNTMFEwHQYDVR0OBBYEFPIRVQmLHgzCWfvENpeURm3jt2K4MB8G -A1UdIwQYMBaAFPIRVQmLHgzCWfvENpeURm3jt2K4MA8GA1UdEwEB/wQFMAMBAf8w -DQYJKoZIhvcNAQELBQADggIBAGa6bvEvira9FJ559bRvnqNsdaybj++Q9ItRyejs -BvLupLhhCnFWC1rX3WufpyGxgQCu4Lng+ZXtJxSo4dJL4wXDf5U+/EgL0nNQXhQh -kcqm2k1GBgAPnKEt+9nF3326EchI7Vx7JV4AO89ifdfc3Z7q9MOWE4siro6JtK7l -WWfv7LwT9QdDW/Ww7wUAOKdJYlUBzqMYHwEBnIhNMyuFejDzc2GmkZiIjFq5bKoN -FpsjHCkPH4DdDhQKdwa1JRvML7r8IkVqL3NoSp2vkB07MkRiHtQL5R2/wI/WhiK2 -19YPeEP2fQc5NduFAqyz8VaxwskwtjCjUxJHKpEzUTa1n53X+0jx6yw7bmDnE4SW -JEq9563apphJWeFTGCSuTvc98TcZvxWDW8FeLoaWdBF+Tohddje10BW2IUvrSJHI -jh0LpWIJ6QTY+amwLF2USSgnBZwPZT34PS81FYmA1bn/Sa6uWc/dPZg9lvwKU6ta -Z9K4loc8OF+FXQHruV+3tqzXybR9dZG3fvW4RPR9BgxApzSw8lYKAfR5Lth7ihVi -/zlxZjvbXy0D+4xPg5OGwn3g/3n4XLhAMT87KvHc9VjbHt6uwmLgny+6Dw9JXuTC -R004LuQe3wfUye4x9WmQD5Zlg1dENvezCG8l9z5LRUDF+Rh0qXPMpUCaCuT3TvEN -clOH +MIIFDzCCAvegAwIBAgIUDmhG1yLlF83ydOWPit8/MYNbaC8wDQYJKoZIhvcNAQEL +BQAwFzEVMBMGA1UEAwwMQmFlbGR1bmcuY29tMB4XDTIwMDQyMjE1MzEyMFoXDTMw +MDQyMDE1MzEyMFowFzEVMBMGA1UEAwwMQmFlbGR1bmcuY29tMIICIjANBgkqhkiG +9w0BAQEFAAOCAg8AMIICCgKCAgEAmkOSeQRQBQdoJio7Odm19kKVm4Y1ju1zscGM +LBWQ4GU8d3Y5AiOVzHtYUbKyJvmmUSYOH/mYdQ8F5nKKaXhTz92LIMnSXnusAqdD +YSvKa+mBoMLsd4Gl9lljipTvRwkkPlPXGVBDEVzXPf32l+5YxpGZzyVyj0WYT1cP +sZyThbOwue4h6gwer4SZ0HNPSts8TG7oiA4UTZSN5hhhbJmRBc87Xz+hJOMayZp6 +HA3tGTlrTkP/Vc3nii/G9tBeydmTTKj+BGFQW4qzDG6nJVvYyB4iri4ActREREGD +ycPS7SVXqEcA4rvSMR7DYoHVLkOg0uiQDWtj4zYcN9qgWVjcnIlUSPxrCgdJbakl +lRzrVpbkdlOC3hFSytoOBmCPS56gJ5npeLFh6IoPPdoXJwIXIJ1twCWtKzvlvlzb +DkMDytRVk2LYjh7IvtAWPTz5QofRdd2fW6iAWPdWbwcnq1xjO5BT8uGj+zOiA19/ +T2YebwD+pLAUM2w0ykLm+bH+DiSRa76wpKxuo6sSUefkeEt8Avojwh8nNbEOvXhf +El4zyimwTlfUYnaKEllUjRWVPhQPGCeCBHe1ES8UFf8hqGS2LRjKAZK70OcFdLyd +18sas/EXkNbd+Mpgata/zO9Oy/3h+xY426T5bPAt+wU38yMUaE+z5BS84m2GOtuQ +nC3a/HcCAwEAAaNTMFEwHQYDVR0OBBYEFFyRjr/LWlOZHv7JU7kQ1g76nq4SMB8G +A1UdIwQYMBaAFFyRjr/LWlOZHv7JU7kQ1g76nq4SMA8GA1UdEwEB/wQFMAMBAf8w +DQYJKoZIhvcNAQELBQADggIBAJWjUR/HBw5f7ogfyCVK/5fJutOFIIHqzNhExvDe +5wu9msPRAj+5ruGHtMWwOKm5qT82gZKJnAVct8XZXTIHU8mKS5Lbk02hu3e2tR/0 +RCzH4TCCD3fDJaW/jAZyU3oPtvcCaSmPwibG7SvDXtUvSSwCW8Omg7WqhnSWGUOn +WH3105lw8UKRTg57CaNu0GunqO4r0GcrgVShNKjCvNv7nGcP3+KWouZekBdn/iY5 +3Q8llL8WUMOHRwH6Raa6CV+vckCthUSpJdBAgGN44QtkA0iL/afVuE7VuTqsnCBA +nbOz/ssZOP0TUVYwoRiDN50gJdB8IKMHZu9Px2m7fJuGgZ7QDe56+tePypgM9KDq +yx4MKMP3Qc5xLE4pGM9SI1sGo+waW0+gPShNECHY4z8fOHw5bn+J1mrEWQbHfMGg +Z/352qps5Hd6PljLAHmWAJL2nXS2zlXbccdYuv4ZtNIeDUT8eX/9NuJdXrITq9QQ +oSBmyzH1bUJi2/mULcFy0Ibcu+OY/r8t67NrGKwLPLyozScwnFQE9SZR9d2cu6sC +yxQtcd68vdvAIEDTk4DcSldeT44HIJ7RYQuBNZ5NU3SngMLDleec/3AZSUXTExFW +TrbMTb+djM+XcTkRyO0wO0MYpjKGqN3sAGfppx0G9kgmJ9HB38nZfvqj3G1L9YFQ +6kSA -----END CERTIFICATE----- diff --git a/spring-security-modules/spring-security-x509/store/truststore.jks b/spring-security-modules/spring-security-x509/store/truststore.jks index 56654d8894..1d0d200580 100644 Binary files a/spring-security-modules/spring-security-x509/store/truststore.jks and b/spring-security-modules/spring-security-x509/store/truststore.jks differ