From 6d5b550bb36909a84807839aea85158fdf43b155 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Anarthal=20=28Rub=C3=A9n=20P=C3=A9rez=29?= <34971811+anarthal@users.noreply.github.com> Date: Sat, 7 Jun 2025 18:37:09 +0200 Subject: [PATCH] Restores the TLS tests in CI (#267) Renews test certificates Recovers and refactors test_conn_tls.cpp Adds a test for TLS reconnection --- test/CMakeLists.txt | 3 +- test/test_conn_tls.cpp | 166 ++++++++++++++++++++++++++------------ tools/docker-compose.yml | 2 +- tools/gen-certificates.sh | 30 +++++++ tools/tls/ca.crt | 48 +++++------ tools/tls/ca.key | 79 +++++++----------- tools/tls/server-key.key | 27 ------- tools/tls/server.crt | 38 ++++----- tools/tls/server.key | 28 +++++++ 9 files changed, 239 insertions(+), 182 deletions(-) create mode 100755 tools/gen-certificates.sh delete mode 100644 tools/tls/server-key.key create mode 100644 tools/tls/server.key diff --git a/test/CMakeLists.txt b/test/CMakeLists.txt index 66a00f04..3c58ed29 100644 --- a/test/CMakeLists.txt +++ b/test/CMakeLists.txt @@ -40,8 +40,7 @@ make_test(test_any_adapter) # Tests that require a real Redis server make_test(test_conn_quit) -# TODO: Configure a Redis server with TLS in the CI and reenable this test. -#make_test(test_conn_tls) +make_test(test_conn_tls) make_test(test_conn_exec_retry) make_test(test_conn_exec_error) make_test(test_run) diff --git a/test/test_conn_tls.cpp b/test/test_conn_tls.cpp index d507823f..3ea24bea 100644 --- a/test/test_conn_tls.cpp +++ b/test/test_conn_tls.cpp @@ -5,55 +5,49 @@ */ #include +#include #include +#include #include + +#include +#include #define BOOST_TEST_MODULE conn_tls #include #include "common.hpp" namespace net = boost::asio; - -using connection = boost::redis::connection; -using boost::redis::request; -using boost::redis::response; -using boost::redis::config; +using namespace boost::redis; +using namespace std::chrono_literals; using boost::system::error_code; +namespace { + // CA certificate that signed the test server's certificate. // This is a self-signed CA created for testing purposes. // This must match tools/tls/ca.crt contents static constexpr const char* ca_certificate = R"%(-----BEGIN CERTIFICATE----- -MIIFSzCCAzOgAwIBAgIUNd7VUuGK4+ylzCOrmeckg2+TqX8wDQYJKoZIhvcNAQEL -BQAwNTETMBEGA1UECgwKUmVkaXMgVGVzdDEeMBwGA1UEAwwVQ2VydGlmaWNhdGUg -QXV0aG9yaXR5MB4XDTI0MDMzMTE0MjUyM1oXDTM0MDMyOTE0MjUyM1owNTETMBEG -A1UECgwKUmVkaXMgVGVzdDEeMBwGA1UEAwwVQ2VydGlmaWNhdGUgQXV0aG9yaXR5 -MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA5AMV5V66wt+MM4+oCzH0 -xPi++j23p8AOa0o3dxNd4tm5y++gAdKfoxj7oh32ZuYHA5V+sGNEalN/b3GlKXMm -ThdVPSwqOQduny19wrb126ZeQXCfqwgSZQ+rgzaIYpw8/GRRuLDunmsdaR2eiptp -dbv6g6P/aIF6P9mfuekwCC9KBCV6ftqOEnzulNLVw4JjY0rKB9NZqONKVMfWpNyC -zJLCkGmza7BOpybhloZIxGJz033yCjDvIQr9GUWsA5rU9LdUiL+F1W0pWkIel1qo -Evo0EIl3+EOcSSzETI7NPHgnSzNau39ZShV4UBj2lw0DWeNcobeMBQ8ItmqEU6V0 -gCEqfUnt10bGIDdmV3D5FKPgvhFvEjQULnblLeLDQ6XDFf+xbGEVjvTzVkLjvyKm -H2D+SKw2O+eDU/0+xhpAf+QsWlm6pmvKWjXI5wK1rh2yssBK2pmY3LuuZCdGrvXb -KX4j/4S9qMr43Hmyoyz0gE5I5rplqot8TvT9O/JsgQYd9fYSvdB+HbqAlJzpBZFl -xbVBXxl0AlDFwQtNMX5ylEQPvYVDKA1M+DTqRTgQKctTfccwvovY3YMV7m5YoODZ -ya2YSBRfQim6VsC+QPYs7p2dk1larIoMMaTaU02oMY+qT2d/eyhWKBv5W9LuowTQ -bWa3ZhWN8lXriPgJOQnZ6iUCAwEAAaNTMFEwHQYDVR0OBBYEFCpEPlClLrgu1zFN -Fmas5G4ybNRJMB8GA1UdIwQYMBaAFCpEPlClLrgu1zFNFmas5G4ybNRJMA8GA1Ud -EwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggIBAFLl1NZHp0NT5Av4GKmsJFeI -cJOgcIygjR4SBGDAxyPqVpZk0x1q64gJsfOe1ARyI4olQPqO08FZMeB+VBYuqR3S -fEVQZz2FT5U7IVAEZwWHOcWkrrVpEZC6PZktYJ7Yqju6+ic93inoPrHhGNZ5XA/Y -GSfwriWkyWm2SOk35ChFH67MbPWmve8CRAXRmrOCByXwXF87wdqVYZUvH9xDe6WU -snFWXVHr2NA7Re8ZIGp7yJOwwW+CZagepNCPUDwnI0fWOahtOTzonIjq8bfgTZPx -2e7lBuAr9tVMpoeyUytVOlNJDojZAtKOpfMwhAG8ydhk+78aK07VVbnSYVhv7ctU -kkkldqP/S3lBlWo44oOxenwLc9vDQNh64py7eQTD7Qv+TjqAG0ljHIDbVqlkQsgR -pQsu7keG9O1xASSTLZVZN2/alNewpqE/eFRfPM3mtUiTiIZvSxiQnWQMbKofAZH5 -HwhVli4RKWRWPqpof4GFNkB8XwfBE+gdlFuWtyg0oRyV3sJ6Zn7E+lUpbQX4CFx3 -97vekaFNBchNYMcP3TZ9LwxTx1xOWZ5HHrHyzASG3uz2rqwAsEmdRbmK03KfEQyQ -YpNY718btZ1D6lLino9VMgzaPhUs79bHC64O4ncl7hRclK9qa3KLQdCG1cbIR7G0 -2XVYrfsnPHX0CsPDIy7L +MIIDhzCCAm+gAwIBAgIUZGttu4o/Exs08EHCneeD3gHw7KkwDQYJKoZIhvcNAQEL +BQAwUjELMAkGA1UEBhMCRVMxGjAYBgNVBAoMEUJvb3N0LlJlZGlzIENJIENBMQsw +CQYDVQQLDAJJVDEaMBgGA1UEAwwRYm9vc3QtcmVkaXMtY2ktY2EwIBcNMjUwNjA3 +MTI0NzUwWhgPMjA4MDAzMTAxMjQ3NTBaMFIxCzAJBgNVBAYTAkVTMRowGAYDVQQK +DBFCb29zdC5SZWRpcyBDSSBDQTELMAkGA1UECwwCSVQxGjAYBgNVBAMMEWJvb3N0 +LXJlZGlzLWNpLWNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu7XV +sOoHB2J/5VtyJmMOzxhBbHKyQgW1YnMvYIb1JqIm7VuICA831SUw76n3j8mIK3zz +FfK2eYyUWf4Uo2j3uxmXDyjujqzIaUJNLcB53CQXkmIbqDigNhzUTPZ5A2MQ7xT+ +t1eDbjsZ7XIM+aTShgtrpyxiccsgPJ3/XXme2RrqKeNvYsTYY6pquWZdyLOg/LOH +IeSJyL1/eQDRu/GsZjnR8UOE6uHfbjrLWls7Tifj/1IueVYCEhQZpJSWS8aUMLBZ +fi+t9YMCCK4DGy+6QlznGgVqdFFbTUt2C7tzqz+iF5dxJ8ogKMUPEeFrWiZpozoS +t60jV8fKwdXz854jLQIDAQABo1MwUTAdBgNVHQ4EFgQU2SoWvvZUW8JiDXtyuXZK +deaYYBswHwYDVR0jBBgwFoAU2SoWvvZUW8JiDXtyuXZKdeaYYBswDwYDVR0TAQH/ +BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAqY4hGcdCFFPL4zveSDhR9H/akjae +uXbpo/9sHZd8e3Y4BtD8K05xa3417H9u5+S2XtyLQg5MON6J2LZueQEtE3wiR3ja +QIWbizqp8W54O5hTLQs6U/mWggfuL2R/HUw7ab4M8JobwHNEMK/WKZW71z0So/kk +W3wC0+1RH2PjMOZrCIflsD7EXYKIIr9afypAbhCQmCfu/GELuNx+LmaPi5JP4TTE +tDdhzWL04JLcZnA0uXb2Mren1AR9yKYH2I5tg5kQ3Bn/6v9+JiUhiejP3Vcbw84D +yFwRzN54bLanrJNILJhHPwnNIABXOtGUV05SZbYazJpiMst1a6eqDZhv/Q== -----END CERTIFICATE-----)%"; static config make_tls_config() @@ -65,13 +59,14 @@ static config make_tls_config() return cfg; } -BOOST_AUTO_TEST_CASE(ping_internal_ssl_context) +// Using the default TLS context allows establishing TLS connections and execute requests +BOOST_AUTO_TEST_CASE(exec_default_ssl_context) { auto const cfg = make_tls_config(); - std::string const in = "Kabuf"; + constexpr std::string_view ping_value = "Kabuf"; request req; - req.push("PING", in); + req.push("PING", ping_value); response resp; @@ -82,30 +77,39 @@ BOOST_AUTO_TEST_CASE(ping_internal_ssl_context) // that is not trusted by default - skip verification. conn.next_layer().set_verify_mode(net::ssl::verify_none); - conn.async_exec(req, resp, [&](error_code ec, auto) { - BOOST_TEST(ec == std::error_code()); + bool exec_finished = false, run_finished = false; + + conn.async_exec(req, resp, [&](error_code ec, std::size_t) { + exec_finished = true; + BOOST_TEST(ec == error_code()); conn.cancel(); }); - conn.async_run(cfg, {}, [](auto) { }); + conn.async_run(cfg, {}, [&](error_code ec) { + run_finished = true; + BOOST_TEST(ec == net::error::operation_aborted); + }); - ioc.run(); + ioc.run_for(test_timeout); - BOOST_CHECK_EQUAL(in, std::get<0>(resp).value()); + BOOST_TEST(exec_finished); + BOOST_TEST(run_finished); + BOOST_TEST(std::get<0>(resp).value() == ping_value); } -BOOST_AUTO_TEST_CASE(ping_custom_ssl_context) +// Users can pass a custom context with TLS config +BOOST_AUTO_TEST_CASE(exec_custom_ssl_context) { auto const cfg = make_tls_config(); - std::string const in = "Kabuf"; + constexpr std::string_view ping_value = "Kabuf"; request req; - req.push("PING", in); + req.push("PING", ping_value); response resp; net::io_context ioc; - net::ssl::context ctx{boost::asio::ssl::context::tls_client}; + net::ssl::context ctx{net::ssl::context::tls_client}; // Configure the SSL context to trust the CA that signed the server's certificate. // The test certificate uses "redis" as its common name, regardless of the actual server's hostname @@ -115,14 +119,74 @@ BOOST_AUTO_TEST_CASE(ping_custom_ssl_context) connection conn{ioc, std::move(ctx)}; - conn.async_exec(req, resp, [&](auto ec, auto) { - BOOST_TEST(ec == std::error_code()); + bool exec_finished = false, run_finished = false; + + conn.async_exec(req, resp, [&](error_code ec, std::size_t) { + exec_finished = true; + BOOST_TEST(ec == error_code()); conn.cancel(); }); - conn.async_run(cfg, {}, [](auto) { }); + conn.async_run(cfg, {}, [&](error_code ec) { + run_finished = true; + BOOST_TEST(ec == net::error::operation_aborted); + }); - ioc.run(); + ioc.run_for(test_timeout); - BOOST_CHECK_EQUAL(in, std::get<0>(resp).value()); + BOOST_TEST(exec_finished); + BOOST_TEST(run_finished); + BOOST_TEST(std::get<0>(resp).value() == ping_value); } + +// After an error, a TLS connection can recover. +// Force an error using QUIT, then issue a regular request to verify that we could reconnect +BOOST_AUTO_TEST_CASE(reconnection) +{ + // Setup + net::io_context ioc; + net::steady_timer timer{ioc}; + connection conn{ioc}; + auto const cfg = make_tls_config(); + + request ping_request; + ping_request.push("PING", "some_value"); + + request quit_request; + quit_request.push("QUIT"); + + bool exec_finished = false, run_finished = false; + + // Run the connection + conn.async_run(cfg, {}, [&](error_code ec) { + run_finished = true; + BOOST_TEST(ec == net::error::operation_aborted); + }); + + // The PING is the end of the callback chain + auto ping_callback = [&](error_code ec, std::size_t) { + exec_finished = true; + BOOST_TEST(ec == error_code()); + conn.cancel(); + }; + + auto quit_callback = [&](error_code ec, std::size_t) { + BOOST_TEST(ec == error_code()); + + // If a request is issued immediately after QUIT, the request sometimes + // fails, probably due to a race condition. This dispatches any pending + // handlers, triggering the reconnection process. + // TODO: this should not be required. + ioc.poll(); + conn.async_exec(ping_request, ignore, ping_callback); + }; + + conn.async_exec(quit_request, ignore, quit_callback); + + ioc.run_for(test_timeout); + + BOOST_TEST(exec_finished); + BOOST_TEST(run_finished); +} + +} // namespace \ No newline at end of file diff --git a/tools/docker-compose.yml b/tools/docker-compose.yml index e5d81c73..bd58fc88 100644 --- a/tools/docker-compose.yml +++ b/tools/docker-compose.yml @@ -5,7 +5,7 @@ services: "redis-server", "--tls-port", "6380", "--tls-cert-file", "/tls/server.crt", - "--tls-key-file", "/tls/server-key.key", + "--tls-key-file", "/tls/server.key", "--tls-ca-cert-file", "/tls/ca.crt", "--tls-auth-clients", "no", ] diff --git a/tools/gen-certificates.sh b/tools/gen-certificates.sh new file mode 100755 index 00000000..491e5032 --- /dev/null +++ b/tools/gen-certificates.sh @@ -0,0 +1,30 @@ +#!/bin/bash +# Copyright (c) 2025 Marcelo Zimbres Silva (mzimbres@gmail.com), +# Ruben Perez Hidalgo (rubenperez038 at gmail dot com) +# +# Distributed under the Boost Software License, Version 1.0. (See +# accompanying file LICENSE.txt) +# + +# Generates the ca and certificates used for CI testing. +# Run this in the directory where you want the certificates to be generated. + +set -e + +# CA private key +openssl genpkey -algorithm RSA -out ca.key -pkeyopt rsa_keygen_bits:2048 + +# CA certificate +openssl req -x509 -new -nodes -key ca.key -sha256 -days 20000 -out ca.crt \ + -subj '/C=ES/O=Boost.Redis CI CA/OU=IT/CN=boost-redis-ci-ca' + +# Server private key +openssl genpkey -algorithm RSA -out server.key -pkeyopt rsa_keygen_bits:2048 + +# Server certificate +openssl req -new -key server.key -out server.csr \ + -subj '/C=ES/O=Boost.Redis CI CA/OU=IT/CN=redis' +openssl x509 -req -in server.csr -CA ca.crt -CAkey ca.key -CAcreateserial \ + -out server.crt -days 20000 -sha256 +rm server.csr +rm ca.srl diff --git a/tools/tls/ca.crt b/tools/tls/ca.crt index da02769d..ac241b89 100644 --- a/tools/tls/ca.crt +++ b/tools/tls/ca.crt @@ -1,31 +1,21 @@ -----BEGIN CERTIFICATE----- -MIIFSzCCAzOgAwIBAgIUNd7VUuGK4+ylzCOrmeckg2+TqX8wDQYJKoZIhvcNAQEL -BQAwNTETMBEGA1UECgwKUmVkaXMgVGVzdDEeMBwGA1UEAwwVQ2VydGlmaWNhdGUg -QXV0aG9yaXR5MB4XDTI0MDMzMTE0MjUyM1oXDTM0MDMyOTE0MjUyM1owNTETMBEG -A1UECgwKUmVkaXMgVGVzdDEeMBwGA1UEAwwVQ2VydGlmaWNhdGUgQXV0aG9yaXR5 -MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA5AMV5V66wt+MM4+oCzH0 -xPi++j23p8AOa0o3dxNd4tm5y++gAdKfoxj7oh32ZuYHA5V+sGNEalN/b3GlKXMm -ThdVPSwqOQduny19wrb126ZeQXCfqwgSZQ+rgzaIYpw8/GRRuLDunmsdaR2eiptp -dbv6g6P/aIF6P9mfuekwCC9KBCV6ftqOEnzulNLVw4JjY0rKB9NZqONKVMfWpNyC -zJLCkGmza7BOpybhloZIxGJz033yCjDvIQr9GUWsA5rU9LdUiL+F1W0pWkIel1qo -Evo0EIl3+EOcSSzETI7NPHgnSzNau39ZShV4UBj2lw0DWeNcobeMBQ8ItmqEU6V0 -gCEqfUnt10bGIDdmV3D5FKPgvhFvEjQULnblLeLDQ6XDFf+xbGEVjvTzVkLjvyKm -H2D+SKw2O+eDU/0+xhpAf+QsWlm6pmvKWjXI5wK1rh2yssBK2pmY3LuuZCdGrvXb -KX4j/4S9qMr43Hmyoyz0gE5I5rplqot8TvT9O/JsgQYd9fYSvdB+HbqAlJzpBZFl -xbVBXxl0AlDFwQtNMX5ylEQPvYVDKA1M+DTqRTgQKctTfccwvovY3YMV7m5YoODZ -ya2YSBRfQim6VsC+QPYs7p2dk1larIoMMaTaU02oMY+qT2d/eyhWKBv5W9LuowTQ -bWa3ZhWN8lXriPgJOQnZ6iUCAwEAAaNTMFEwHQYDVR0OBBYEFCpEPlClLrgu1zFN -Fmas5G4ybNRJMB8GA1UdIwQYMBaAFCpEPlClLrgu1zFNFmas5G4ybNRJMA8GA1Ud -EwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggIBAFLl1NZHp0NT5Av4GKmsJFeI -cJOgcIygjR4SBGDAxyPqVpZk0x1q64gJsfOe1ARyI4olQPqO08FZMeB+VBYuqR3S -fEVQZz2FT5U7IVAEZwWHOcWkrrVpEZC6PZktYJ7Yqju6+ic93inoPrHhGNZ5XA/Y -GSfwriWkyWm2SOk35ChFH67MbPWmve8CRAXRmrOCByXwXF87wdqVYZUvH9xDe6WU -snFWXVHr2NA7Re8ZIGp7yJOwwW+CZagepNCPUDwnI0fWOahtOTzonIjq8bfgTZPx -2e7lBuAr9tVMpoeyUytVOlNJDojZAtKOpfMwhAG8ydhk+78aK07VVbnSYVhv7ctU -kkkldqP/S3lBlWo44oOxenwLc9vDQNh64py7eQTD7Qv+TjqAG0ljHIDbVqlkQsgR -pQsu7keG9O1xASSTLZVZN2/alNewpqE/eFRfPM3mtUiTiIZvSxiQnWQMbKofAZH5 -HwhVli4RKWRWPqpof4GFNkB8XwfBE+gdlFuWtyg0oRyV3sJ6Zn7E+lUpbQX4CFx3 -97vekaFNBchNYMcP3TZ9LwxTx1xOWZ5HHrHyzASG3uz2rqwAsEmdRbmK03KfEQyQ -YpNY718btZ1D6lLino9VMgzaPhUs79bHC64O4ncl7hRclK9qa3KLQdCG1cbIR7G0 -2XVYrfsnPHX0CsPDIy7L +MIIDhzCCAm+gAwIBAgIUZGttu4o/Exs08EHCneeD3gHw7KkwDQYJKoZIhvcNAQEL +BQAwUjELMAkGA1UEBhMCRVMxGjAYBgNVBAoMEUJvb3N0LlJlZGlzIENJIENBMQsw +CQYDVQQLDAJJVDEaMBgGA1UEAwwRYm9vc3QtcmVkaXMtY2ktY2EwIBcNMjUwNjA3 +MTI0NzUwWhgPMjA4MDAzMTAxMjQ3NTBaMFIxCzAJBgNVBAYTAkVTMRowGAYDVQQK +DBFCb29zdC5SZWRpcyBDSSBDQTELMAkGA1UECwwCSVQxGjAYBgNVBAMMEWJvb3N0 +LXJlZGlzLWNpLWNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu7XV +sOoHB2J/5VtyJmMOzxhBbHKyQgW1YnMvYIb1JqIm7VuICA831SUw76n3j8mIK3zz +FfK2eYyUWf4Uo2j3uxmXDyjujqzIaUJNLcB53CQXkmIbqDigNhzUTPZ5A2MQ7xT+ +t1eDbjsZ7XIM+aTShgtrpyxiccsgPJ3/XXme2RrqKeNvYsTYY6pquWZdyLOg/LOH +IeSJyL1/eQDRu/GsZjnR8UOE6uHfbjrLWls7Tifj/1IueVYCEhQZpJSWS8aUMLBZ +fi+t9YMCCK4DGy+6QlznGgVqdFFbTUt2C7tzqz+iF5dxJ8ogKMUPEeFrWiZpozoS +t60jV8fKwdXz854jLQIDAQABo1MwUTAdBgNVHQ4EFgQU2SoWvvZUW8JiDXtyuXZK +deaYYBswHwYDVR0jBBgwFoAU2SoWvvZUW8JiDXtyuXZKdeaYYBswDwYDVR0TAQH/ +BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAqY4hGcdCFFPL4zveSDhR9H/akjae +uXbpo/9sHZd8e3Y4BtD8K05xa3417H9u5+S2XtyLQg5MON6J2LZueQEtE3wiR3ja +QIWbizqp8W54O5hTLQs6U/mWggfuL2R/HUw7ab4M8JobwHNEMK/WKZW71z0So/kk +W3wC0+1RH2PjMOZrCIflsD7EXYKIIr9afypAbhCQmCfu/GELuNx+LmaPi5JP4TTE +tDdhzWL04JLcZnA0uXb2Mren1AR9yKYH2I5tg5kQ3Bn/6v9+JiUhiejP3Vcbw84D +yFwRzN54bLanrJNILJhHPwnNIABXOtGUV05SZbYazJpiMst1a6eqDZhv/Q== -----END CERTIFICATE----- diff --git a/tools/tls/ca.key b/tools/tls/ca.key index 8c495c7d..ab64d662 100644 --- a/tools/tls/ca.key +++ b/tools/tls/ca.key @@ -1,51 +1,28 @@ ------BEGIN RSA PRIVATE KEY----- -MIIJKgIBAAKCAgEA5AMV5V66wt+MM4+oCzH0xPi++j23p8AOa0o3dxNd4tm5y++g -AdKfoxj7oh32ZuYHA5V+sGNEalN/b3GlKXMmThdVPSwqOQduny19wrb126ZeQXCf -qwgSZQ+rgzaIYpw8/GRRuLDunmsdaR2eiptpdbv6g6P/aIF6P9mfuekwCC9KBCV6 -ftqOEnzulNLVw4JjY0rKB9NZqONKVMfWpNyCzJLCkGmza7BOpybhloZIxGJz033y -CjDvIQr9GUWsA5rU9LdUiL+F1W0pWkIel1qoEvo0EIl3+EOcSSzETI7NPHgnSzNa -u39ZShV4UBj2lw0DWeNcobeMBQ8ItmqEU6V0gCEqfUnt10bGIDdmV3D5FKPgvhFv -EjQULnblLeLDQ6XDFf+xbGEVjvTzVkLjvyKmH2D+SKw2O+eDU/0+xhpAf+QsWlm6 -pmvKWjXI5wK1rh2yssBK2pmY3LuuZCdGrvXbKX4j/4S9qMr43Hmyoyz0gE5I5rpl -qot8TvT9O/JsgQYd9fYSvdB+HbqAlJzpBZFlxbVBXxl0AlDFwQtNMX5ylEQPvYVD -KA1M+DTqRTgQKctTfccwvovY3YMV7m5YoODZya2YSBRfQim6VsC+QPYs7p2dk1la -rIoMMaTaU02oMY+qT2d/eyhWKBv5W9LuowTQbWa3ZhWN8lXriPgJOQnZ6iUCAwEA -AQKCAgAaDwg3mKX7k5TwZ6Cq9uCkilE5REhzEY4UUP0ZzMrUHFIRrqc4zhuUhkxr -8MSyaeOvUyyReCbfh/9ueyyHGjPshNonDZ8duW25H3faAxMCMXdgP0DgSSHhDvNp -IZhgvL5zkfuNAhujW1aXJt1xteVNoVg2J04PYYzZM0P/+ViV9uGcq7PeP5gxILob -pCTuHT7CoE+KqWr71E4wdk5ftRv1yWgXHR12V0YF8HmjvGEgoKfgKeq5o3IQ8rKO -atoH53AjL7inkEv5YmpxeFEKtz+yO4orwapGY2O/MTCWF1P5bzn+bDYYa6uGvgFs -Fg5IoSIa6dMyYEnOYjN6tZ29+ZDgxLAn8tJYsZP+2lAtdRYdYyxdTfspycS1w+2Q -7cSdsBRC92zs9hKbp21pTGcLxaHMKgBCH/98gYxstf4fDwrhZSg80Sf5FUM2KyiZ -NhA6bEo8h0EUPjbuCPe/GtgYsnqVH/rBsDIPLoOUtGh8KCRXn9Rgi4/DxRn2fyRo -FOaafRzKrDI6CWWHhmooKNSOGl8Xd+4l1wKjjXzvjttg+erlpGLoDDEy1m1iE5IA -TBrUHHHHiHJ/8WFet9wCqSwPO39ZNoqWsKy4cN6qgzE+5+Xl+Z9NfGeyCwZACrcG -5mBrMfGArJ+xS0pner73fkHMv0QUOr6QxVQt+YRtTc2ctSlwmQKCAQEA8a9ceg6p -XaHWAwf9AMjrEizWHaGksQkeIC0ktW4x2UMAXumAZ/g8SfcmSFd7p+puLQPnuRj1 -pnrOkRUa2AVNvpFz693qBSi2uTdZlmIVmIsOlWuu1+8EpPHfmG2qI0ViABFjoyhk -l/PgBUVxSgztXDTXKseFoIjUY8/nuHCxt4FhBk642ApAdF/NnQe9Te40umi7yBHn -tXPmf8jvyO8/OdcAJ346YAoGmnLZmC1NYqvhbb3yNulQPVdJDHIEpXMOmBWgBsf8 -d3vQdw5OuEHkb02lr8NRprNFcMzSK04sDvhBno8mFjQ5XP1ztzeU4koNZqT5FReU -GFIytqm71eDBHwKCAQEA8YRnL+eJGkR4vuUGqB6UBs7kHM0YCGRsZRjNHQKmCwyp -J6eTR2YiIfWrKnR4F34KWTf2/H4exrWYI2bQM1TQqtjVSsSHcyF8tw5/dJ3z1BXo -nG1w0nB7vaxzhEeRsDnIf6Yi7HXpVQkdRFSRFlxnzlPB6JvpR7jF7ZDibzYAzs6g -hg3FAB+ds/1qrsiBPgalCslm6xqDmZgW+vnn+rIJHm/SPwi0RN8fx9p5s+BkiLfh -c49bwCTvmOlIlJkCpa2Gc8hW3oM0jW4N6iGfN2WKksEozU1O5p5Wd3xB2vDm3bTn -XQ7BHGWDHIz0Km+nxEyywOHXB0QDIUj9CmHLuD2YOwKCAQEAqCW1VUY2F2qtFtbL -82vWAIMpRNxdVL5fM0u1KnVMQTgYXfBe4fcXGu7Ut6gF5EF5/d+lrGXtIrJ2XQIt -9vVZrahM2mE+m/BDkIEt1y7Oj57Puq18q8cjmA6f3dEOehOfpyRyCeXkdsO5rHEv -7LEpwukQejbuhU4tVnQjZ3MgceeVtWm3uLcJOO4eg44K6tk73iVX4E50ww2r5GPM -UCQD/R3UgaWUv5S6G2KkePery2aCJHPuvL1+ke7UZ9A741A1ayJAf/dLc2W1F9/g -bNmLMNT43VwqxqwbN+uInZB5nsCiBsrZWMFk14mOpH4LG5Uh1bQZh88rvfASUHuu -r5L7SQKCAQEAlJk1b/kSlzHX5QQ/Q0OFKmczXTEnf0pikxVeZmIRzaydi0OEz6Jc -j+56wSVmGnY3YcuYUKQ8xWBH2khRA7REq0m8ekNPX5wUAwGNlC/3LN/J/i0sBJ6m -0/3+GT57uiTjYv7ScBDgXqy78CXkGxEB4aYRIdCECNf8F/5UA78DYjsp8zEXq8rI -Gk1qzV2af5JRC8D9bNwkamV0hjkq7UmLaMm+X4A4gkOSZ0HaLb17vc79jT+AYUmY -jcnDGYLHaS7KEgUKxd+OfxJex1amgswcJc1pEGBnkmeLpfqy/kXIllLPI6eHU7R1 -piRnupB2dcYHGbwatGK5Vkp1PmULljF3rwKCAQEA6bMIbmxcXHb7XAHMwGqsa+2S -YlMoWEAIk7biFjEeBmfPqiMPEwZW6iZ5SinAjSw1cf7s89TMZIUapoBkidzXNV3I -AbZohhMspLPYpD9A4PRBdGBMcJwHWrIdJdO0Zqtn8X3e8j3ruUqRUpioSS5XKPaw -cjeqv8KiQ2Y1wbzkv+jmNcLcLK/hn6K+TntDpdtHy/dUJVlNoBaE0kAXD82Ic2VL -iRhQSCxMZSJ00tiGzyHzxewDDrDFJ+6dk/Lr4/Gf5IAUWrs8uEi73dc6fwU4msNm -PSJa7C66KktxbMryCCxAJvnGhR5KkmZXQI1nKCbNFc5xE9kw0wWGgy9pB+Q61w== ------END RSA PRIVATE KEY----- +-----BEGIN PRIVATE KEY----- +MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQC7tdWw6gcHYn/l +W3ImYw7PGEFscrJCBbVicy9ghvUmoibtW4gIDzfVJTDvqfePyYgrfPMV8rZ5jJRZ +/hSjaPe7GZcPKO6OrMhpQk0twHncJBeSYhuoOKA2HNRM9nkDYxDvFP63V4NuOxnt +cgz5pNKGC2unLGJxyyA8nf9deZ7ZGuop429ixNhjqmq5Zl3Is6D8s4ch5InIvX95 +ANG78axmOdHxQ4Tq4d9uOstaWztOJ+P/Ui55VgISFBmklJZLxpQwsFl+L631gwII +rgMbL7pCXOcaBWp0UVtNS3YLu3OrP6IXl3EnyiAoxQ8R4WtaJmmjOhK3rSNXx8rB +1fPzniMtAgMBAAECggEAffDzTf7G9oJ08yrWvMCrl/FbO+r8hOWVnFdSCz6hTulu +msRV0ap8OGr6mWJ9ciCyVxM/eZNeMNFMW9DogfcUd5kkzAwXeuycjlros3C3kic5 +FYLzsXtEqunO21BnQwl9vBtnBxYVXakTrUdfQ0P95+fTs9dIubaii2kqg8ns9RY+ +ebz2vnviNQaVL4WK3ohX+PJ7pimAM8KAwHl7e1RQn/ORghSycr9TAZKEqeZRlvtW +2TJBTknyr0Uo8KNi5L4nxi1qspgm9W7lFcmmv2cIkQsWFZvRY3a7iYsD6DOt2kaA +yFYlW6+n2V0uE6sYxZKe++VnSsueSDPzhmpRsiQONQKBgQDjV+vyoWqEaZoTVIpI +Ody1cOWwaqp0xnzaB/xsGYCWiW2wTWkq5Xpkp+Ia9w3YhHSEp7y6QYzNtofF8008 +LNKWynrhvq9isfrxcz5aqqf3ZYpFbJrxLJMzmF+H70G0HO/cXKg0FAYNnq1arkUZ +kQHWV8u/Bov5mLv9tVpmhzP7FwKBgQDTXwCqdJ1vNnZyXGhgCGVvMp6l1gw7RoF6 +LxrP4bR5vNhTa5xs8ibxpj2jd2ZmdzV6Y1r2imedsbKNlnvgDMVIWBtYWBFqjz9q +I88xtfiHLj1rFI21aI4TrWhxafmSBC6gli+1I840l6DtVE8xT/qCDveP/Umzivj8 +XLd+y8BuWwKBgQDXzWPZw0ObQarR4pQJD3Pkf7BokDgR9UAary37ZxHa08Vdb33/ +DCnsVjiZJB7ugn0gVyEdJJAFzdiAHP4ZuuqD3NxcYWeWph/xBlYQNqKOgsKIOBm0 +CX4JogA8xu51jGpboVDBbqh4UUF5LKfHJxC5aEmtoQdJ/KOmp3mSjZDYLQKBgFtW +klMWUXHddxG0HOZiunJyzVucQ2zZ6tmBwXRTdEmm8VQbDF2Hxoxl6fzZe8aLfPCG +PqiK5nuebioA/Ua0PgwlBqwGYoBJpn2XO9GfcOX5dVDwcMwTglG+fYOE5/PRGtUK +EVOVRWY0n7Xu2MnWZcoN7ayrJ04On8ltx11jbqRBAoGBAKvtJS0dKpsP6WvIrjQR +pqVxrpxnhWsgbSRNqCAFsqKwEGsrIXXVQIcOyrNSm1l6GxCWm7lnmkEcvddGy67f +0H/LqMItt1G5Dex96Zslhainz0oEE2yVX1x2H4qb0A1vEjviC/RVxFBheZrkWtEP +zQx9D/Gk2S471503xdYgUAv3 +-----END PRIVATE KEY----- diff --git a/tools/tls/server-key.key b/tools/tls/server-key.key deleted file mode 100644 index 56f99f96..00000000 --- a/tools/tls/server-key.key +++ /dev/null @@ -1,27 +0,0 @@ ------BEGIN RSA PRIVATE KEY----- -MIIEpAIBAAKCAQEAxDwCrIWM9cqHpT/2MKnQ2DsdChUOkKkwsw8HA/eSrLm+LqGl -IFcj19j9PP68O5Nd1N4W1SFHz2HiaZarTtqCBo+laaXaxoAjOA7BiPP6Rce8t+gb -mJ4EvjwEn+vIg6eyM8fFRyoqUSIh5ybJ7Cq7Un0lUDqhbt7VrvBWZQcyh6z9F1Z1 -NXiexKdYH/ewpGrA2FeM9lv3zVUiJKO0mM2t86u/TPw9zsgc3sQAwd1I+dZv+jbA -qfjzrfNIk0htRKgMKTuIOwZlFW+WLhqx9dDfMrAD30vSv0jXyPa1tYo46hBIwefr -0PcLpw3HNwgrizDOShhS9V2pTtO9gVM+Xxwn/wIDAQABAoIBAA50zU2gWQ4SaYPG -/n//Qp9rW2xOuM/3ZtsKFF46cte+p0AQMHX9dWqFVcKUkZFh/ducsNnqpbulXmSg -8OXSOxn4oxrxWPien/mVPLS2JI3XdROnScEogvjwuvZ9DDyGsh4WbXYcqRlpBk5d -ESsQytP83C7Y4uOkDuHgWrz+lr5f4tbwxEvSI4AQ0ucksV/BNupwGaz0VTOqWTuN -cZSRILcDnkldFXprX//QFUxGYh3sLQpigja9v2ES72yEuS3VDaZvc/2CQL51vYn/ -wfnKSUPSiX1p/wtwJXwTUzFIKYsfi/b3TqWCt+ajqSY4hUqHn/xf+m27sTV2thbC -w3Hh8yECgYEA+4bvSk8uRFy1Yg+G36sSKp/tBAmrGE3vFfhePTC7XFsUQstQE9pP -1IZJY+SxKfj8snben6MtSjNu0ntte55Jnhq0M2UsmsEzR0rN43P1u8iJAUe1vp4t -vptJCUDDj+8WppzzyzbRESoFYfJ5o9JMu0h12Sx/U1bgnp75NhRi2y0CgYEAx7lb -wT6a/FSgkisvrOTY+bY9xsz7aqH+fz2FdZpoJlIofbofmwdNGU2oXdo4S71ITB4y -xLLOuyUhz2okBu+iwJbZEmX1CALe/GV1UYAlNcFVmggGQM44G0mh1chgR6qIbCOB -7yPwPkmERVqGtV+MxPR8ku7u73b/3sDLmVTUm1sCgYB46RR+lDGZizdmPDCJtKK2 -+snk9wDYXh5gYVRr9dEbRG0o7rM/1+IoN6Vv7696jcZrw9igxMAwuyi65bprglvB -NPUK/8fBXL5ZtwviGww1iODTTLWBPGihB+TEHe3kcvpgfXJ0bZVyutB7lSQELEPW -g66jB1DtrwWrOqBx7rrWwQKBgQCMqdqanoovfzbb23inb0H1lUmrE0FbV55TZTPy -oP4LRz/nVMffuuOtF4mmGAQgK76YhYhCCqEZI0zNtTaMgAgDVfqqP460xrjf0GEx -Nmx+kJzGcDJfQB458cD+PTK6JrwQVW20zH3ukH6NDfXkFdih+oMmRQuZMhmBfA2o -/xsCEwKBgQDTbsTzHrBSvQtxEB8QYFnEBeRcvNHrtvVrWGJnYPbmvAAxJgzC83tr -u8ST6sPUTe7rpdxQUzwxThkkbovsPqC+40wwclOMltZSyVwNlREYUl8iQUZKX0ZM -0sdNP0Z/UMCDa08yz18qbMtehQrIS2o6lwzIgM/NS2IlkmN7Hbx5Mw== ------END RSA PRIVATE KEY----- diff --git a/tools/tls/server.crt b/tools/tls/server.crt index ffc4a821..a91efaea 100644 --- a/tools/tls/server.crt +++ b/tools/tls/server.crt @@ -1,23 +1,19 @@ -----BEGIN CERTIFICATE----- -MIID3DCCAcQCFENgZw0c9P89NpIf0+jFhIYpQzi3MA0GCSqGSIb3DQEBCwUAMDUx -EzARBgNVBAoMClJlZGlzIFRlc3QxHjAcBgNVBAMMFUNlcnRpZmljYXRlIEF1dGhv -cml0eTAeFw0yNDAzMzExNDI1MzlaFw0yNDA0MzAxNDI1MzlaMCAxDjAMBgNVBAoM -BXJlZGlzMQ4wDAYDVQQDDAVyZWRpczCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC -AQoCggEBAMQ8AqyFjPXKh6U/9jCp0Ng7HQoVDpCpMLMPBwP3kqy5vi6hpSBXI9fY -/Tz+vDuTXdTeFtUhR89h4mmWq07aggaPpWml2saAIzgOwYjz+kXHvLfoG5ieBL48 -BJ/ryIOnsjPHxUcqKlEiIecmyewqu1J9JVA6oW7e1a7wVmUHMoes/RdWdTV4nsSn -WB/3sKRqwNhXjPZb981VIiSjtJjNrfOrv0z8Pc7IHN7EAMHdSPnWb/o2wKn4863z -SJNIbUSoDCk7iDsGZRVvli4asfXQ3zKwA99L0r9I18j2tbWKOOoQSMHn69D3C6cN -xzcIK4swzkoYUvVdqU7TvYFTPl8cJ/8CAwEAATANBgkqhkiG9w0BAQsFAAOCAgEA -le50e2bw+Vc0kN9PUs13p/2JAEy1LlS1ehyBx+O1kFnkQRk6YMNOFDcrL9+65pWq -La1Me+OozgUuBErhbI7eElFwb5CJ1Jzm2UGmV7+9AcC0eU4qdY0tR/gOpPtaKVly -+Sqq44P2lZSBssjr1KLuk/pEGd4Q//G8EB31TumLRTL+fbzSqQ+m/5mukMdCSUpd -lxeCzr1n0p9/29eZ2+qX7moQUvZ9nsHwtKyxMsuDSJTiHysC5TfGWrbstpFULM7M -bqKZiA+WLtDCvh8xa49+AeDbbZSQahEVm09I9ww3XBFCQNTfgmnscMvscpgR5xqj -A3AceHjhO7T8oAdNF8UoHprIpLl7tw/RZwqYeLq1IabwUN+t+Patt4HZIRgWeiKc -IlzPICI8n3OhHBRTl0GhPL6G85Z56WhI6wxbTm9HmVRYK1RFbPpIxQ7Mi+BQG5wC -oXwAAQeDyF0au9zByTU6bjYqXMGgaBRVzSh1VaQ675yqT3+CJFAMPqkGdTmgwOBy -Ge7T697+gMR37/xPqY7TnDucJ2x33dVmIVkwpNapZjM+TThFYihV0Dl9wxCr/Kuz -MTIXvzC6bEEu24FsAWttt9vPV+yrIpidLZ0AKo6zYO6azU2Uui9whDps6Rzi1g6f -WVot3B9KCQTPtc80ayJiQQEnR1n13wlfInaD8cxqoic= +MIIDITCCAgkCFHexGHCisYJHDP/5HAFcT32jXvf8MA0GCSqGSIb3DQEBCwUAMFIx +CzAJBgNVBAYTAkVTMRowGAYDVQQKDBFCb29zdC5SZWRpcyBDSSBDQTELMAkGA1UE +CwwCSVQxGjAYBgNVBAMMEWJvb3N0LXJlZGlzLWNpLWNhMCAXDTI1MDYwNzEyNDc1 +MFoYDzIwODAwMzEwMTI0NzUwWjBGMQswCQYDVQQGEwJFUzEaMBgGA1UECgwRQm9v +c3QuUmVkaXMgQ0kgQ0ExCzAJBgNVBAsMAklUMQ4wDAYDVQQDDAVyZWRpczCCASIw +DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJeG8SyA6sOzdWn/G0KlugX1Se1e +S3xNSjk6pgaB6OELU1T8NRz3wpHlc2xGY6mEbZjBx/CEG7kukU6SLPPrwEu3cxDZ +wgxVyYaoVE5lD5Ue5lsowegO/jYsuDtB1ZbOby39LO3fLAte+aoLAoZam9Vpoatm +QvmYqgITSGGEPJSOapdu7UQBt0mcy1vY1eD+vNcZ/epk/cWBA5MU6hbGCa+8Mkky +tsDZ72D+OmdqZUJ4sSVU0fVZxjsQFhideUAu17UGYPqrQrvtzXMxDtMY7p4aBa+b +7QNfZ3wjNXnskXiDbiJ2F9UHamtTSd6IdXfU520davfeYJHfpr0NNZeS3IMCAwEA +ATANBgkqhkiG9w0BAQsFAAOCAQEAZitqMQOMwkYp9vfb4qdkuxoOIBq6Sx6aSXen +rS1N2g5eIhOV7mDyOgxPLVT3kZDsGKYGpbrjHFoYd9zALO0ZY05Vgm2Hlg10oCjq +iEdWr+PDDSRH762n4MNXZToG3ijPXNfNbMwDuXg0fG96P9D19dOsGwRUBWnaG8F0 +v3K+rEOXZNVZU4v7FhyNUmyqdpk2TQpj+k5aBwdOAWGfExeOo36AGJ5+JRR/85DA +rEPISY29eUwH8q+Pmj2DZ3YNee+6f/YvkO4+Ms9h74KqaIr/R/jeLnlUPx7szFmu +Ko9+AB0KA84HwkZhf1lPZrxouEqD5JZQ8xvjqhSFG/BxvqgW+w== -----END CERTIFICATE----- diff --git a/tools/tls/server.key b/tools/tls/server.key new file mode 100644 index 00000000..d425eaba --- /dev/null +++ b/tools/tls/server.key @@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQCXhvEsgOrDs3Vp +/xtCpboF9UntXkt8TUo5OqYGgejhC1NU/DUc98KR5XNsRmOphG2YwcfwhBu5LpFO +kizz68BLt3MQ2cIMVcmGqFROZQ+VHuZbKMHoDv42LLg7QdWWzm8t/Szt3ywLXvmq +CwKGWpvVaaGrZkL5mKoCE0hhhDyUjmqXbu1EAbdJnMtb2NXg/rzXGf3qZP3FgQOT +FOoWxgmvvDJJMrbA2e9g/jpnamVCeLElVNH1WcY7EBYYnXlALte1BmD6q0K77c1z +MQ7TGO6eGgWvm+0DX2d8IzV57JF4g24idhfVB2prU0neiHV31OdtHWr33mCR36a9 +DTWXktyDAgMBAAECggEAFHUTen6tM163K2hVtdnKE6PaJ0HjzxRgQPm6EIbZegid +Z4vlX9PTYP8pZiTar7hBU65V4BL16zpuQ71YdFYP0CkkT9IWcLPkUVnIiAz83ZUe +ZJBMHZhomcfP17A7tfCI8hyMRFEtERvxeROjc6AoCdgJC6ryv9/sk/smeoPv6d5b +NyRBA1TbQ7yV/Z1yTymkGsUHDSzqnogrB3/t8DCpbGHWj5mUCiQP0rTFAhjQNG0g +xaOfJEf/zyQNBREz2G/0d00ZhPx8CdwRuKVCNX+z/3hrJm4BGyiN8/B246TBZR6B +8Bv3bXwl7udCWgbc8yLxhDQQnxmr/0hEz3uKoMBdgQKBgQDFxHJy6Ko+2b4RICir +zCtx4xM5cU5MoFVvJPatYxmPBnDUGGgkxAtuKyHzerI0dX6yk9BJtR7Uy0HyTLv+ +2iCBcukq1ssI6GFgV+SCoqFq+DZfDEho11UlAeXtvYLsUxOTdlbyqg72q74gh1rb +jD9kG+9bycwWlhnWbkyNDT0aJwKBgQDEJPCrNTYuHqFW3wC3X3lj0uTrwh3fkeDF +gqIDwhCoHSnzrNo0XkAY2v5PhYyb0ThW6Gvbz/6k2MdOlcT7Ru4Ff6Nv8isw2N5+ +GT7PALrTwjtM3O10KtWvXgvleeB44dofsFlBmJTSysYyGVeGppxSgLM+TqRA7cLq +7up+DuCwRQKBgQCBeNeYhNuX5AM7wPr/Zd33ZDrcu2IQZlMoPWHFJ4C/Eu9g202q +7DGzgUdr2CK8l0NH899DsfCqTRsyXqwg73qiZLFjm1U20rOVWFVAdOoKVs95sFfj +Uz3pyXFXEF+bCdRiEPJhUZYURWFmeFayLwH9LxCn3dff3YqyyGkTWtxqtwKBgQCg +F5KD+zuMqx1+nSelg/y9WF3We6sMVrHCI9x++r/Dp4IdTKERCzh/0Qau+08Hwt2c +OboHQJ4UCIesgZu0iHEv9bz9Wwibpvb6rzpPlMXonujt1IjPP0MIDtfg5fgsUhNJ +uBMx8grOfgkEzSBeW9DNmhQyr9dq02U7gePNHfGQjQKBgQCw4LlrJHaWIAvh9hgH +MAYtlkxJkZwASWCntab241ZXQvD27+Nuc/wlBWN/unGJ2ip++IOHpG0rRtg58/lH +6/lzJ9wBISD5JOPU7av/iBirz9r3A5j7es9V3qer/69D+qh7lZHuKWHkOdgorgH0 +3XVmr7yPNQQs4Jw/JKrMmVHX6A== +-----END PRIVATE KEY-----