You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@qpid.apache.org by ta...@apache.org on 2015/03/13 21:50:09 UTC
qpid-jms git commit: Clean up certs a bit, remove verify host test as it is covered fully in the client transport tests.

Repository: qpid-jms
Updated Branches:
  refs/heads/master 63467e18e -> 44a3780c2


Clean up certs a bit, remove verify host test as it is covered fully in
the client transport tests.  

Project: http://git-wip-us.apache.org/repos/asf/qpid-jms/repo
Commit: http://git-wip-us.apache.org/repos/asf/qpid-jms/commit/44a3780c
Tree: http://git-wip-us.apache.org/repos/asf/qpid-jms/tree/44a3780c
Diff: http://git-wip-us.apache.org/repos/asf/qpid-jms/diff/44a3780c

Branch: refs/heads/master
Commit: 44a3780c26e99b5d63fc2150f0d9b2341a25993a
Parents: 63467e1
Author: Timothy Bish <ta...@gmail.com>
Authored: Fri Mar 13 16:49:20 2015 -0400
Committer: Timothy Bish <ta...@gmail.com>
Committed: Fri Mar 13 16:49:32 2015 -0400

----------------------------------------------------------------------
 .../apache/qpid/jms/JmsSSLConnectionTest.java   |  23 +++---------------
 .../src/test/resources/README.txt               |  24 +++++++++++++++++++
 .../src/test/resources/broker-jks.keystore      | Bin 0 -> 2697 bytes
 .../src/test/resources/broker.crt               |  16 +++++++++++++
 .../src/test/resources/broker.csr               |  13 ++++++++++
 .../src/test/resources/ca-jks.keystore          | Bin 0 -> 1182 bytes
 .../src/test/resources/ca.crt                   |  15 ++++++++++++
 .../src/test/resources/client-jks.truststore    | Bin 0 -> 775 bytes
 .../src/test/resources/keystore                 | Bin 3705 -> 0 bytes
 9 files changed, 71 insertions(+), 20 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/qpid-jms/blob/44a3780c/qpid-jms-interop-tests/qpid-jms-activemq-tests/src/test/java/org/apache/qpid/jms/JmsSSLConnectionTest.java
----------------------------------------------------------------------
diff --git a/qpid-jms-interop-tests/qpid-jms-activemq-tests/src/test/java/org/apache/qpid/jms/JmsSSLConnectionTest.java b/qpid-jms-interop-tests/qpid-jms-activemq-tests/src/test/java/org/apache/qpid/jms/JmsSSLConnectionTest.java
index 929dd31..d81a534 100644
--- a/qpid-jms-interop-tests/qpid-jms-activemq-tests/src/test/java/org/apache/qpid/jms/JmsSSLConnectionTest.java
+++ b/qpid-jms-interop-tests/qpid-jms-activemq-tests/src/test/java/org/apache/qpid/jms/JmsSSLConnectionTest.java
@@ -17,16 +17,11 @@
 package org.apache.qpid.jms;
 
 import static org.junit.Assert.assertNotNull;
-import static org.junit.Assert.fail;
 
 import java.net.URI;
 
-import javax.jms.JMSException;
-
 import org.apache.activemq.broker.BrokerService;
 import org.apache.activemq.broker.TransportConnector;
-import org.apache.qpid.jms.JmsConnection;
-import org.apache.qpid.jms.JmsConnectionFactory;
 import org.junit.After;
 import org.junit.Before;
 import org.junit.Test;
@@ -39,8 +34,10 @@ public class JmsSSLConnectionTest {
     private BrokerService brokerService;
 
     public static final String PASSWORD = "password";
-    public static final String KEYSTORE = "src/test/resources/keystore";
+    public static final String KEYSTORE = "src/test/resources/broker-jks.keystore";
     public static final String KEYSTORE_TYPE = "jks";
+    public static final String TRUSTSTORE = "src/test/resources/client-jks.truststore";
+    public static final String TRUSTSTORE_TYPE = "jks";
 
     private URI connectionURI;
 
@@ -97,18 +94,4 @@ public class JmsSSLConnectionTest {
         connection.start();
         connection.close();
     }
-
-    @Test(timeout=30000)
-    public void testCreateConnectionAndStartWithVerifyHostFailure() throws Exception {
-        JmsConnectionFactory factory = new JmsConnectionFactory(getConnectionURI(true));
-        try {
-            JmsConnection connection = (JmsConnection) factory.createConnection();
-            assertNotNull(connection);
-            connection.start();
-            connection.close();
-            fail("Expected connection to fail");
-        } catch (JMSException jmse) {
-            // expected due to certificate host verification failure.
-        }
-    }
 }

http://git-wip-us.apache.org/repos/asf/qpid-jms/blob/44a3780c/qpid-jms-interop-tests/qpid-jms-activemq-tests/src/test/resources/README.txt
----------------------------------------------------------------------
diff --git a/qpid-jms-interop-tests/qpid-jms-activemq-tests/src/test/resources/README.txt b/qpid-jms-interop-tests/qpid-jms-activemq-tests/src/test/resources/README.txt
new file mode 100644
index 0000000..7e7b59f
--- /dev/null
+++ b/qpid-jms-interop-tests/qpid-jms-activemq-tests/src/test/resources/README.txt
@@ -0,0 +1,24 @@
+# The various SSL stores and certificates were created with the following commands:
+
+# Clean up existing files
+# -----------------------
+rm -f *.crt *.csr *.keystore *.truststore
+
+# Create a key and self-signed certificate for the CA, to sign certificate requests and use for trust:
+# ----------------------------------------------------------------------------------------------------
+keytool -storetype jks -keystore ca-jks.keystore -storepass password -keypass password -alias ca -genkey -dname "O=My Trusted Inc.,CN=my-ca.org" -validity 9999 -ext bc:c=ca:true
+keytool -storetype jks -keystore ca-jks.keystore -storepass password -alias ca -exportcert -rfc > ca.crt
+
+# Create a key pair for the broker, and sign it with the CA:
+# ----------------------------------------------------------
+keytool -storetype jks -keystore broker-jks.keystore -storepass password -keypass password -alias broker -genkey -dname "O=Server,CN=localhost" -validity 9999 -ext bc=ca:false -ext eku=sA
+
+keytool -storetype jks -keystore broker-jks.keystore -storepass password -alias broker -certreq -file broker.csr
+keytool -storetype jks -keystore ca-jks.keystore -storepass password -alias ca -gencert -rfc -infile broker.csr -outfile broker.crt -ext bc=ca:false -ext eku=sA
+
+keytool -storetype jks -keystore broker-jks.keystore -storepass password -keypass password -importcert -alias ca -file ca.crt -noprompt
+keytool -storetype jks -keystore broker-jks.keystore -storepass password -keypass password -importcert -alias broker -file broker.crt
+
+# Create trust stores for the client, import the CA cert:
+# -------------------------------------------------------
+keytool -storetype jks -keystore client-jks.truststore -storepass password -keypass password -importcert -alias ca -file ca.crt -noprompt

http://git-wip-us.apache.org/repos/asf/qpid-jms/blob/44a3780c/qpid-jms-interop-tests/qpid-jms-activemq-tests/src/test/resources/broker-jks.keystore
----------------------------------------------------------------------
diff --git a/qpid-jms-interop-tests/qpid-jms-activemq-tests/src/test/resources/broker-jks.keystore b/qpid-jms-interop-tests/qpid-jms-activemq-tests/src/test/resources/broker-jks.keystore
new file mode 100644
index 0000000..49dc151
Binary files /dev/null and b/qpid-jms-interop-tests/qpid-jms-activemq-tests/src/test/resources/broker-jks.keystore differ

http://git-wip-us.apache.org/repos/asf/qpid-jms/blob/44a3780c/qpid-jms-interop-tests/qpid-jms-activemq-tests/src/test/resources/broker.crt
----------------------------------------------------------------------
diff --git a/qpid-jms-interop-tests/qpid-jms-activemq-tests/src/test/resources/broker.crt b/qpid-jms-interop-tests/qpid-jms-activemq-tests/src/test/resources/broker.crt
new file mode 100644
index 0000000..d78e1fc
--- /dev/null
+++ b/qpid-jms-interop-tests/qpid-jms-activemq-tests/src/test/resources/broker.crt
@@ -0,0 +1,16 @@
+-----BEGIN CERTIFICATE-----
+MIIC8TCCAq+gAwIBAgIENW8bDzALBgcqhkjOOAQDBQAwLjESMBAGA1UEAxMJbXktY2Eub3JnMRgw
+FgYDVQQKEw9NeSBUcnVzdGVkIEluYy4wHhcNMTUwMzEzMTk1NzM4WhcNMTUwNjExMTk1NzM4WjAl
+MRIwEAYDVQQDEwlsb2NhbGhvc3QxDzANBgNVBAoTBlNlcnZlcjCCAbgwggEsBgcqhkjOOAQBMIIB
+HwKBgQD9f1OBHXUSKVLfSpwu7OTn9hG3UjzvRADDHj+AtlEmaUVdQCJR+1k9jVj6v8X1ujD2y5tV
+bNeBO4AdNG/yZmC3a5lQpaSfn+gEexAiwk+7qdf+t8Yb+DtX58aophUPBPuD9tPFHsMCNVQTWhaR
+MvZ1864rYdcq7/IiAxmd0UgBxwIVAJdgUI8VIwvMspK5gqLrhAvwWBz1AoGBAPfhoIXWmz3ey7yr
+XDa4V7l5lK+7+jrqgvlXTAs9B4JnUVlXjrrUWU/mcQcQgYC0SRZxI+hMKBYTt88JMozIpuE8FnqL
+VHyNKOCjrh4rs6Z1kW6jfwv6ITVi8ftiegEkO8yk8b6oUZCJqIPf4VrlnwaSi2ZegHtVJWQBTDv+
+z0kqA4GFAAKBgQCT+nMIalZAgQ/nxoETRk2AoollG+tTxNLi466cnEv9TytIfT4O3Sj3DqyAktaD
+oMUAuh0s3jZuLILNaa26hi/1jMdjIXsi9ru011u+Rv1hKa0xUn5EBTSOPH/DauGhcQOTFNf/zj7H
+6bbULtNiZW4h1x0qbxdIYgJrm0AzrEaN76NiMGAwHwYDVR0jBBgwFoAUqlYayLfB1vAfVuXtyVov
+ZC64fmowCQYDVR0TBAIwADATBgNVHSUEDDAKBggrBgEFBQcDATAdBgNVHQ4EFgQUTtngA33dMmCa
+Mqc7S5XDCaxvtv8wCwYHKoZIzjgEAwUAAy8AMCwCFCkzJuaBVk1SBNIqjbwFPCULz05dAhQjyAWx
+fu+AJxeSlM2OpHRj5TRw3Q==
+-----END CERTIFICATE-----

http://git-wip-us.apache.org/repos/asf/qpid-jms/blob/44a3780c/qpid-jms-interop-tests/qpid-jms-activemq-tests/src/test/resources/broker.csr
----------------------------------------------------------------------
diff --git a/qpid-jms-interop-tests/qpid-jms-activemq-tests/src/test/resources/broker.csr b/qpid-jms-interop-tests/qpid-jms-activemq-tests/src/test/resources/broker.csr
new file mode 100644
index 0000000..71cfdd4
--- /dev/null
+++ b/qpid-jms-interop-tests/qpid-jms-activemq-tests/src/test/resources/broker.csr
@@ -0,0 +1,13 @@
+-----BEGIN NEW CERTIFICATE REQUEST-----
+MIICWjCCAhgCAQAwJTESMBAGA1UEAxMJbG9jYWxob3N0MQ8wDQYDVQQKEwZTZXJ2ZXIwggG4MIIB
+LAYHKoZIzjgEATCCAR8CgYEA/X9TgR11EilS30qcLuzk5/YRt1I870QAwx4/gLZRJmlFXUAiUftZ
+PY1Y+r/F9bow9subVWzXgTuAHTRv8mZgt2uZUKWkn5/oBHsQIsJPu6nX/rfGG/g7V+fGqKYVDwT7
+g/bTxR7DAjVUE1oWkTL2dfOuK2HXKu/yIgMZndFIAccCFQCXYFCPFSMLzLKSuYKi64QL8Fgc9QKB
+gQD34aCF1ps93su8q1w2uFe5eZSvu/o66oL5V0wLPQeCZ1FZV4661FlP5nEHEIGAtEkWcSPoTCgW
+E7fPCTKMyKbhPBZ6i1R8jSjgo64eK7OmdZFuo38L+iE1YvH7YnoBJDvMpPG+qFGQiaiD3+Fa5Z8G
+kotmXoB7VSVkAUw7/s9JKgOBhQACgYEAk/pzCGpWQIEP58aBE0ZNgKKJZRvrU8TS4uOunJxL/U8r
+SH0+Dt0o9w6sgJLWg6DFALodLN42biyCzWmtuoYv9YzHYyF7Iva7tNdbvkb9YSmtMVJ+RAU0jjx/
+w2rhoXEDkxTX/84+x+m21C7TYmVuIdcdKm8XSGICa5tAM6xGje+gMDAuBgkqhkiG9w0BCQ4xITAf
+MB0GA1UdDgQWBBRO2eADfd0yYJoypztLlcMJrG+2/zALBgcqhkjOOAQDBQADLwAwLAIUVm1YPSH0
+Jo/qJyHPz4XcRd2+ZoYCFEZvfHTOZ5/VzXlUjGNWKk6oUPfk
+-----END NEW CERTIFICATE REQUEST-----

http://git-wip-us.apache.org/repos/asf/qpid-jms/blob/44a3780c/qpid-jms-interop-tests/qpid-jms-activemq-tests/src/test/resources/ca-jks.keystore
----------------------------------------------------------------------
diff --git a/qpid-jms-interop-tests/qpid-jms-activemq-tests/src/test/resources/ca-jks.keystore b/qpid-jms-interop-tests/qpid-jms-activemq-tests/src/test/resources/ca-jks.keystore
new file mode 100644
index 0000000..e8e7332
Binary files /dev/null and b/qpid-jms-interop-tests/qpid-jms-activemq-tests/src/test/resources/ca-jks.keystore differ

http://git-wip-us.apache.org/repos/asf/qpid-jms/blob/44a3780c/qpid-jms-interop-tests/qpid-jms-activemq-tests/src/test/resources/ca.crt
----------------------------------------------------------------------
diff --git a/qpid-jms-interop-tests/qpid-jms-activemq-tests/src/test/resources/ca.crt b/qpid-jms-interop-tests/qpid-jms-activemq-tests/src/test/resources/ca.crt
new file mode 100644
index 0000000..a56a21e
--- /dev/null
+++ b/qpid-jms-interop-tests/qpid-jms-activemq-tests/src/test/resources/ca.crt
@@ -0,0 +1,15 @@
+-----BEGIN CERTIFICATE-----
+MIICyDCCAoWgAwIBAgIEPFthUDALBgcqhkjOOAQDBQAwLjESMBAGA1UEAxMJbXktY2Eub3JnMRgw
+FgYDVQQKEw9NeSBUcnVzdGVkIEluYy4wHhcNMTUwMzEzMTk1NDM1WhcNNDIwNzI4MTk1NDM1WjAu
+MRIwEAYDVQQDEwlteS1jYS5vcmcxGDAWBgNVBAoTD015IFRydXN0ZWQgSW5jLjCCAbUwggEsBgcq
+hkjOOAQBMIIBHwKBgQD9f1OBHXUSKVLfSpwu7OTn9hG3UjzvRADDHj+AtlEmaUVdQCJR+1k9jVj6
+v8X1ujD2y5tVbNeBO4AdNG/yZmC3a5lQpaSfn+gEexAiwk+7qdf+t8Yb+DtX58aophUPBPuD9tPF
+HsMCNVQTWhaRMvZ1864rYdcq7/IiAxmd0UgBxwIVAJdgUI8VIwvMspK5gqLrhAvwWBz1AoGBAPfh
+oIXWmz3ey7yrXDa4V7l5lK+7+jrqgvlXTAs9B4JnUVlXjrrUWU/mcQcQgYC0SRZxI+hMKBYTt88J
+MozIpuE8FnqLVHyNKOCjrh4rs6Z1kW6jfwv6ITVi8ftiegEkO8yk8b6oUZCJqIPf4VrlnwaSi2Ze
+gHtVJWQBTDv+z0kqA4GCAAJ/IhAWFyeAASoAZqnBdIpubv80/Zi2wKgtbnol0SR75AfdUEF9Qeg/
+H0Yqd3ggjHS/tUsIy18CrRPeHVAQadYCBTgiAssS7Ag0CmIB4+J9LTcOljWQASC0MuclS3e4d4L3
+uQiSrkVmiIKMl9bP5N0OWhyzmkT/7p2Klt17bqZfQKMyMDAwDwYDVR0TAQH/BAUwAwEB/zAdBgNV
+HQ4EFgQUqlYayLfB1vAfVuXtyVovZC64fmowCwYHKoZIzjgEAwUAAzAAMC0CFC05/lo0lMADXBZX
+fx/Ytb8/+r2PAhUAkhMXiWaQqxTYg7gvU69NVGyA5JQ=
+-----END CERTIFICATE-----

http://git-wip-us.apache.org/repos/asf/qpid-jms/blob/44a3780c/qpid-jms-interop-tests/qpid-jms-activemq-tests/src/test/resources/client-jks.truststore
----------------------------------------------------------------------
diff --git a/qpid-jms-interop-tests/qpid-jms-activemq-tests/src/test/resources/client-jks.truststore b/qpid-jms-interop-tests/qpid-jms-activemq-tests/src/test/resources/client-jks.truststore
new file mode 100644
index 0000000..a21f689
Binary files /dev/null and b/qpid-jms-interop-tests/qpid-jms-activemq-tests/src/test/resources/client-jks.truststore differ

http://git-wip-us.apache.org/repos/asf/qpid-jms/blob/44a3780c/qpid-jms-interop-tests/qpid-jms-activemq-tests/src/test/resources/keystore
----------------------------------------------------------------------
diff --git a/qpid-jms-interop-tests/qpid-jms-activemq-tests/src/test/resources/keystore b/qpid-jms-interop-tests/qpid-jms-activemq-tests/src/test/resources/keystore
deleted file mode 100644
index 9ee6adf..0000000
Binary files a/qpid-jms-interop-tests/qpid-jms-activemq-tests/src/test/resources/keystore and /dev/null differ


---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@qpid.apache.org
For additional commands, e-mail: commits-help@qpid.apache.org