Git Product home page Git Product logo

gravitee-common's Introduction

Gravitee.io Common

Build status Join the community forum

Unit tests

Generate keystores

This section presents how to generate the different keystores use by the unit tests.

Generate Certificate Authority

openssl req -newkey rsa:4096 -keyform PEM -keyout ca.key -x509 -days 36500 -subj "/[email protected]/CN=unit-tests/OU=GraviteeSource/O=GraviteeSource/L=Lille/ST=France/C=FR" -passout pass:ca-secret -outform PEM -out ca.pem
openssl pkcs12 -export -inkey ca.key -in ca.pem -out ca.p12 -passin pass:ca-secret -passout pass:ca-secret -name ca

Generate localhost keystore

openssl genrsa -out localhost.key 4096
openssl req -new -key localhost.key -out localhost.csr -sha256 -subj "/[email protected]/CN=localhost/OU=GraviteeSource/O=GraviteeSource/L=Lille/ST=France/C=FR"
openssl x509 -req -in localhost.csr -CA ca.pem -CAkey ca.key -set_serial 100 -extensions server -days 36500 -outform PEM -out localhost.cer -sha256 -passin pass:ca-secret
openssl pkcs12 -export -inkey localhost.key -in localhost.cer -out localhost.p12 -passout pass:secret -name localhost
keytool -importkeystore -srckeystore localhost.p12 -destkeystore localhost.jks -srcstoretype PKCS12 -deststoretype JKS -srcstorepass secret -deststorepass secret -v

Generate localhost2 keystore

openssl genrsa -out localhost2.key 4096
openssl req -new -key localhost2.key -out localhost2.csr -sha256 -subj "/[email protected]/CN=localhost2/OU=GraviteeSource/O=GraviteeSource/L=Lille/ST=France/C=FR"
openssl x509 -req -in localhost2.csr -CA ca.pem -CAkey ca.key -set_serial 100 -extensions server -days 36500 -outform PEM -out localhost2.cer -sha256 -passin pass:ca-secret
openssl pkcs12 -export -inkey localhost2.key -in localhost2.cer -out localhost2.p12 -passout pass:secret -name localhost2
keytool -importkeystore -srckeystore localhost2.p12 -destkeystore localhost2.jks -srcstoretype PKCS12 -deststoretype JKS -srcstorepass secret -deststorepass secret -v

Generate localhost3 keystore with SAN (Subject Alternative Name)

echo "[ req ]\ndistinguished_name = req_distinguished_name\nreq_extensions = v3_req\nextensions = server\nprompt = no\nO = GraviteeSource\nL = Lille\nST = France\n\n[ v3_req ]\nsubjectAltName = @alt_names\n[alt_names]\nDNS.1 = xyz.localhost.com" > localhost3-san.cnf
openssl genrsa -out localhost3.key 4096
openssl req -new -key localhost3.key -out localhost3.csr -sha256 -subj "/[email protected]/CN=localhost3/OU=GraviteeSource/O=GraviteeSource/L=Lille/ST=France/C=FR"
openssl x509 -req -in localhost3.csr -CA ca.pem -CAkey ca.key -set_serial 100 -extensions server -days 36500 -outform PEM -out localhost3.cer -sha256 -passin pass:ca-secret -extensions v3_req -extfile localhost3-san.cnf
openssl pkcs12 -export -inkey localhost3.key -in localhost3.cer -out localhost3.p12 -passout pass:secret -name localhost3
keytool -importkeystore -srckeystore localhost3.p12 -destkeystore localhost3.jks -srcstoretype PKCS12 -deststoretype JKS -srcstorepass secret -deststorepass secret -v

Generate wildcard keystore

openssl genrsa -out wildcard.key 4096
penssl req -new -key wildcard.key -out wildcard.csr -sha256 -subj "/[email protected]/CN=*.localhost.com/OU=GraviteeSource/O=GraviteeSource/L=Lille/ST=France/C=FR"
openssl x509 -req -in wildcard.csr -CA ca.pem -CAkey ca.key -set_serial 100 -extensions server -days 36500 -outform PEM -out wildcard.cer -sha256 -passin pass:ca-secret
openssl pkcs12 -export -inkey wildcard.key -in wildcard.cer -out wildcard.p12 -passout pass:secret -name wildcard
keytool -importkeystore -srckeystore wildcard.p12 -destkeystore wildcard.jks -srcstoretype PKCS12 -deststoretype JKS -srcstorepass secret -deststorepass secret -v

Create an all-in-one keystore

keytool -importkeystore -srckeystore localhost.p12 -destkeystore all-in-one.p12 -srcstoretype PKCS12 -deststoretype PKCS12 -srcstorepass secret -deststorepass secret -v
keytool -importkeystore -srckeystore localhost2.p12 -destkeystore all-in-one.p12 -srcstoretype PKCS12 -deststoretype PKCS12 -srcstorepass secret -deststorepass secret -v
keytool -importkeystore -srckeystore localhost3.p12 -destkeystore all-in-one.p12 -srcstoretype PKCS12 -deststoretype PKCS12 -srcstorepass secret -deststorepass secret -v
keytool -importkeystore -srckeystore wildcard.p12 -destkeystore all-in-one.p12 -srcstoretype PKCS12 -deststoretype PKCS12 -srcstorepass secret -deststorepass secret -v
keytool -importkeystore -srckeystore all-in-one.p12 -destkeystore all-in-one.jks -srcstoretype PKCS12 -deststoretype JKS -srcstorepass secret -deststorepass secret -v

Generate a PKCS#8 private key

openssl genpkey -out rsakey.pem -algorithm RSA -pkeyopt rsa_keygen_bits:2048

gravitee-common's People

Contributors

abourdon avatar aelamrani avatar brasseld avatar gcusnieux avatar graviteeio avatar jean-baptiste-lasselle avatar jhaeyaert avatar lusoalex avatar marcambier avatar nicolasgeraud avatar phiz71 avatar tcompiegne avatar ytvnr avatar zdenda-online avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.