diff --git a/.github/workflows/test-authnz.yaml b/.github/workflows/test-authnz.yaml index 2101ad485e92..16abe35dd0c0 100644 --- a/.github/workflows/test-authnz.yaml +++ b/.github/workflows/test-authnz.yaml @@ -24,8 +24,8 @@ on: - 'deps/rabbitmq_auth_/**' - 'deps/rabbitmq_mqtt/**' - 'deps/rabbitmq_management/selenium/full-suite-authnz-messaging' - - 'deps/rabbitmq_management/selenium/suites/authnz-messaging' - - 'deps/rabbitmq_management/selenium/test/authnz-msg-protocols' + - 'deps/rabbitmq_management/selenium/suites/authnz-messaging/**' + - 'deps/rabbitmq_management/selenium/test/authnz-msg-protocols/**' - .github/workflows/test-authnz.yaml concurrency: group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} @@ -95,7 +95,9 @@ jobs: run: | RABBITMQ_DOCKER_IMAGE=bazel/packaging/docker-image:rabbitmq-amd64 \ ${SELENIUM_DIR}/run-suites.sh full-suite-authnz-messaging - + mkdir -p /tmp/full-suite-authnz-messaging + mv /tmp/selenium/* /tmp/full-suite-authnz-messaging + - name: Upload Test Artifacts if: always() uses: actions/upload-artifact@v4.3.2 diff --git a/.github/workflows/test-management-ui-for-pr.yaml b/.github/workflows/test-management-ui-for-pr.yaml index 6d8775d6b1dc..6ec4bf64e28a 100644 --- a/.github/workflows/test-management-ui-for-pr.yaml +++ b/.github/workflows/test-management-ui-for-pr.yaml @@ -75,11 +75,7 @@ jobs: ${SELENIUM_DIR}/run-suites.sh mkdir -p /tmp/full-suite mv /tmp/selenium/* /tmp/full-suite - mkdir -p /tmp/full-suite/logs - mv ${SELENIUM_DIR}/logs/* /tmp/full-suite/logs - mkdir -p /tmp/full-suite/screens - mv ${SELENIUM_DIR}/screens/* /tmp/full-suite/screens - + - name: Upload Test Artifacts if: always() uses: actions/upload-artifact@v4.3.2 diff --git a/.github/workflows/test-management-ui.yaml b/.github/workflows/test-management-ui.yaml index 10c80a981b59..d7f9ea0e361c 100644 --- a/.github/workflows/test-management-ui.yaml +++ b/.github/workflows/test-management-ui.yaml @@ -90,11 +90,7 @@ jobs: ADDON_PROFILES=cluster ${SELENIUM_DIR}/run-suites.sh short-suite-management-ui mkdir -p /tmp/short-suite mv /tmp/selenium/* /tmp/short-suite - mkdir -p /tmp/short-suite/logs - mv ${SELENIUM_DIR}/logs/* /tmp/short-suite/logs - mkdir -p /tmp/short-suite/screens - mv ${SELENIUM_DIR}/screens/* /tmp/short-suite/screens - + - name: Upload Test Artifacts if: always() uses: actions/upload-artifact@v4.3.2 diff --git a/selenium/.gitignore b/selenium/.gitignore index 63c36b351eb4..250dd02db8df 100644 --- a/selenium/.gitignore +++ b/selenium/.gitignore @@ -7,3 +7,10 @@ suites/screens/* test/oauth/*/h2/*.trace.db test/oauth/*/h2/*.lock.db */target/* +tls-gen +test/*/certs/*.pem +test/*/certs/*.p12 +test/*/certs/*.jks +test/*/*/*.pem +test/*/*/*.p12 +test/*/*/*.jks diff --git a/selenium/amqp10-roundtriptest/src/main/java/com/rabbitmq/amqp1_0/RoundTripTest.java b/selenium/amqp10-roundtriptest/src/main/java/com/rabbitmq/amqp1_0/RoundTripTest.java index d683e23d8bce..461f43722cbf 100644 --- a/selenium/amqp10-roundtriptest/src/main/java/com/rabbitmq/amqp1_0/RoundTripTest.java +++ b/selenium/amqp10-roundtriptest/src/main/java/com/rabbitmq/amqp1_0/RoundTripTest.java @@ -15,15 +15,45 @@ public class RoundTripTest { public static String getEnv(String property, String defaultValue) { return System.getenv(property) == null ? defaultValue : System.getenv(property); } + public static String getEnv(String property) { + String value = System.getenv(property); + if (value == null) { + throw new IllegalArgumentException("Missing env variable " + property); + } + return value; + } public static void main(String args[]) throws Exception { String hostname = getEnv("RABBITMQ_HOSTNAME", "localhost"); String port = getEnv("RABBITMQ_AMQP_PORT", "5672"); String scheme = getEnv("RABBITMQ_AMQP_SCHEME", "amqp"); + String uri = scheme + "://" + hostname + ":" + port; String username = args.length > 0 ? args[0] : getEnv("RABBITMQ_AMQP_USERNAME", "guest"); String password = args.length > 1 ? args[1] : getEnv("RABBITMQ_AMQP_PASSWORD", "guest"); - String uri = scheme + "://" + hostname + ":" + port; + + boolean usemtls = Boolean.parseBoolean(getEnv("AMQP_USE_MTLS", "false")); + String certsLocation = getEnv("RABBITMQ_CERTS"); + + if ("amqps".equals(scheme)) { + List connectionParams = new ArrayList(); + + connectionParams.add("transport.trustStoreLocation=" + certsLocation + "/truststore.jks"); + connectionParams.add("transport.trustStorePassword=foobar"); + connectionParams.add("transport.verifyHost=true"); + connectionParams.add("transport.trustAll=true"); - System.out.println("AMQPS Roundrip using uri " + uri); + if (usemtls) { + connectionParams.add("amqp.saslMechanisms=EXTERNAL"); + connectionParams.add("transport.keyStoreLocation=" + certsLocation + "/client_rabbitmq.jks"); + connectionParams.add("transport.keyStorePassword=foobar"); + connectionParams.add("transport.keyAlias=client-rabbitmq-tls"); + } + if (!connectionParams.isEmpty()) { + uri = uri + "?" + String.join("&", connectionParams); + System.out.println("Using AMQP URI " + uri); + } + } + + assertNotNull(uri); Hashtable env = new Hashtable<>(); env.put(Context.INITIAL_CONTEXT_FACTORY, "org.apache.qpid.jms.jndi.JmsInitialContextFactory"); @@ -33,12 +63,11 @@ public static void main(String args[]) throws Exception { env.put("jms.requestTimeout", 5); javax.naming.Context context = new javax.naming.InitialContext(env); - assertNotNull(uri); - ConnectionFactory factory = (ConnectionFactory) context.lookup("myFactoryLookup"); Destination queue = (Destination) context.lookup("myQueueLookup"); - try (Connection connection = factory.createConnection(username, password)) { + try (Connection connection = + createConnection(factory, usemtls, username, password)) { connection.start(); Session session = connection.createSession(false, Session.AUTO_ACKNOWLEDGE); @@ -56,5 +85,12 @@ public static void main(String args[]) throws Exception { assertEquals(message.getText(), receivedMessage.getText()); } + } + private static Connection createConnection(ConnectionFactory factory, + boolean usemtls, String username, String password) throws jakarta.jms.JMSException { + if (usemtls) { + return factory.createConnection(); + } + return factory.createConnection(username, password); } } diff --git a/selenium/bin/components/devkeycloak b/selenium/bin/components/devkeycloak index 352544372c4a..2147695739ea 100644 --- a/selenium/bin/components/devkeycloak +++ b/selenium/bin/components/devkeycloak @@ -9,6 +9,9 @@ init_devkeycloak() { print "> DEVKEYCLOAK_CONFIG_DIR: ${DEVKEYCLOAK_CONFIG_DIR}" print "> DEVKEYCLOAK_URL: ${DEVKEYCLOAK_URL}" print "> DEVKEYCLOAK_DOCKER_IMAGE: ${KEYCLOAK_DOCKER_IMAGE}" + + generate-ca-server-client-kpi devkeycloak $DEVKEYCLOAK_CONFIG_DIR + } ensure_devkeycloak() { if docker ps | grep devkeycloak &> /dev/null; then diff --git a/selenium/bin/components/fakeportal b/selenium/bin/components/fakeportal index aadbda50327b..cd42c272fee9 100644 --- a/selenium/bin/components/fakeportal +++ b/selenium/bin/components/fakeportal @@ -1,3 +1,10 @@ +#!/usr/bin/env bash + +SCRIPT="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )" + +if [[ ! -z "${DEBUG}" ]]; then + set -x +fi ensure_fakeportal() { if docker ps | grep fakeportal &> /dev/null; then @@ -9,7 +16,7 @@ ensure_fakeportal() { init_fakeportal() { FAKEPORTAL_URL=${FAKEPORTAL_URL:-http://fakeportal:3000} - FAKEPORTAL_DIR=${SCRIPT}/../fakeportal + FAKEPORTAL_DIR=${SCRIPT}/../../fakeportal CLIENT_ID="${CLIENT_ID:-rabbit_idp_user}" CLIENT_SECRET="${CLIENT_SECRET:-rabbit_idp_user}" RABBITMQ_HOST=${RABBITMQ_HOST:-proxy:9090} @@ -44,6 +51,8 @@ start_fakeportal() { --env UAA_URL="${UAA_URL_FOR_FAKEPORTAL}" \ --env CLIENT_ID="${CLIENT_ID}" \ --env CLIENT_SECRET="${CLIENT_SECRET}" \ + --env NODE_EXTRA_CA_CERTS=/etc/uaa/ca_uaa_certificate.pem \ + -v ${TEST_CONFIG_PATH}/uaa:/etc/uaa \ -v ${FAKEPORTAL_DIR}:/code/fakeportal \ mocha-test:${mocha_test_tag} run fakeportal diff --git a/selenium/bin/components/fakeproxy b/selenium/bin/components/fakeproxy index 2705ee80427e..cf6983371f0a 100644 --- a/selenium/bin/components/fakeproxy +++ b/selenium/bin/components/fakeproxy @@ -1,4 +1,10 @@ +#!/usr/bin/env bash +SCRIPT="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )" + +if [[ ! -z "${DEBUG}" ]]; then + set -x +fi ensure_fakeproxy() { if docker ps | grep fakeproxy &> /dev/null; then @@ -10,7 +16,7 @@ ensure_fakeproxy() { init_fakeproxy() { FAKEPROXY_URL=${FAKEPROXY_URL:-http://fakeproxy:9090} - FAKEPROXY_DIR=${SCRIPT}/../fakeportal + FAKEPROXY_DIR=${SCRIPT}/../../fakeportal CLIENT_ID="${CLIENT_ID:-rabbit_idp_user}" CLIENT_SECRET="${CLIENT_SECRET:-rabbit_idp_user}" RABBITMQ_HOST_FOR_FAKEPROXY=${RABBITMQ_HOST_FOR_FAKEPROXY:-rabbitmq:15672} @@ -43,6 +49,8 @@ start_fakeproxy() { --env UAA_URL="${UAA_URL_FOR_FAKEPROXY}" \ --env CLIENT_ID="${CLIENT_ID}" \ --env CLIENT_SECRET="${CLIENT_SECRET}" \ + --env NODE_EXTRA_CA_CERTS=/etc/uaa/ca_uaa_certificate.pem \ + -v ${TEST_CONFIG_PATH}/uaa:/etc/uaa \ -v ${FAKEPROXY_DIR}:/code/fakeportal \ mocha-test:${mocha_test_tag} run fakeproxy diff --git a/selenium/bin/components/keycloak b/selenium/bin/components/keycloak index d6470262f194..a632f6560b1e 100644 --- a/selenium/bin/components/keycloak +++ b/selenium/bin/components/keycloak @@ -17,6 +17,9 @@ init_keycloak() { print "> KEYCLOAK_CONFIG_DIR: ${KEYCLOAK_CONFIG_DIR}" print "> KEYCLOAK_URL: ${KEYCLOAK_URL}" print "> KEYCLOAK_DOCKER_IMAGE: ${KEYCLOAK_DOCKER_IMAGE}" + + generate-ca-server-client-kpi keycloak $KEYCLOAK_CONFIG_DIR + } start_keycloak() { begin "Starting keycloak ..." @@ -44,7 +47,7 @@ start_keycloak() { --https-certificate-file=/opt/keycloak/data/import/server_keycloak_certificate.pem \ --https-certificate-key-file=/opt/keycloak/data/import/server_keycloak_key.pem - wait_for_oidc_endpoint keycloak $KEYCLOAK_URL $MOUNT_KEYCLOAK_CONF_DIR/ca_certificate.pem + wait_for_oidc_endpoint keycloak $KEYCLOAK_URL $MOUNT_KEYCLOAK_CONF_DIR/ca_keycloak_certificate.pem end "Keycloak is ready" print " Note: If you modify keycloak configuration. Make sure to run the following command to export the configuration." diff --git a/selenium/bin/components/prodkeycloak b/selenium/bin/components/prodkeycloak index c0e3ee16192e..45e772eec48a 100644 --- a/selenium/bin/components/prodkeycloak +++ b/selenium/bin/components/prodkeycloak @@ -16,6 +16,9 @@ init_prodkeycloak() { print "> PRODKEYCLOAK_CONFIG_DIR: ${PRODKEYCLOAK_CONFIG_DIR}" print "> PRODKEYCLOAK_URL: ${PRODKEYCLOAK_URL}" print "> KEYCLOAK_DOCKER_IMAGE: ${KEYCLOAK_DOCKER_IMAGE}" + + generate-ca-server-client-kpi prodkeycloak $PRODKEYCLOAK_CONFIG_DIR + } start_prodkeycloak() { begin "Starting prodkeycloak ..." diff --git a/selenium/bin/components/rabbitmq b/selenium/bin/components/rabbitmq index 2610a7b27948..ea74d344052f 100644 --- a/selenium/bin/components/rabbitmq +++ b/selenium/bin/components/rabbitmq @@ -1,6 +1,9 @@ #!/usr/bin/env bash +SCRIPT="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )" + + init_rabbitmq() { RABBITMQ_CONFIG_DIR=${TEST_CONFIG_DIR} RABBITMQ_DOCKER_IMAGE=${RABBITMQ_DOCKER_IMAGE:-rabbitmq} @@ -10,6 +13,13 @@ init_rabbitmq() { [[ -z "${OAUTH_SERVER_CONFIG_BASEDIR}" ]] || print "> OAUTH_SERVER_CONFIG_BASEDIR: ${OAUTH_SERVER_CONFIG_BASEDIR}" [[ -z "${OAUTH_SERVER_CONFIG_DIR}" ]] || print "> OAUTH_SERVER_CONFIG_DIR: ${OAUTH_SERVER_CONFIG_DIR}" + if [[ ! -d "${RABBITMQ_CONFIG_DIR}/certs" ]]; then + mkdir ${RABBITMQ_CONFIG_DIR}/certs + fi + generate-ca-server-client-kpi rabbitmq $RABBITMQ_CONFIG_DIR/certs + generate-server-keystore-if-required rabbitmq $RABBITMQ_CONFIG_DIR/certs + generate-client-keystore-if-required rabbitmq $RABBITMQ_CONFIG_DIR/certs + generate-truststore-if-required rabbitmq $RABBITMQ_CONFIG_DIR/certs } start_rabbitmq() { @@ -157,7 +167,7 @@ start_docker_rabbitmq() { if [ -f ${RABBITMQ_CONFIG_DIR}/enabled_plugins ]; then cp ${RABBITMQ_CONFIG_DIR}/enabled_plugins $CONF_DIR/rabbitmq fi - if [ -d ${RABBITMQ_CONFIG_DIR}/certs ]; then + if [ -d "${RABBITMQ_CONFIG_DIR}/certs" ]; then cp -r ${RABBITMQ_CONFIG_DIR}/certs $CONF_DIR/rabbitmq fi if [ -d ${RABBITMQ_CONFIG_DIR}/imports ]; then @@ -175,10 +185,10 @@ start_docker_rabbitmq() { -p 15672:15672 \ -p 15671:15671 \ -v $CONF_DIR/rabbitmq/:/etc/rabbitmq \ - -v $CONF_DIR/rabbitmq/:/var/rabbitmq \ + -v $CONF_DIR/rabbitmq/imports:/var/rabbitmq/imports \ -v ${TEST_DIR}:/config \ ${RABBITMQ_DOCKER_IMAGE} - + wait_for_message rabbitmq "Server startup complete" end "RabbitMQ ready" } diff --git a/selenium/bin/components/uaa b/selenium/bin/components/uaa index f07b535176f8..2a91fb468aa0 100644 --- a/selenium/bin/components/uaa +++ b/selenium/bin/components/uaa @@ -16,6 +16,9 @@ init_uaa() { print "> UAA_CONFIG_DIR: ${UAA_CONFIG_DIR}" print "> UAA_URL: ${UAA_URL}" print "> UAA_DOCKER_IMAGE: ${UAA_DOCKER_IMAGE}" + + generate-ca-server-client-kpi uaa $UAA_CONFIG_DIR + generate-server-keystore-if-required uaa $UAA_CONFIG_DIR } start_uaa() { begin "Starting UAA ..." @@ -34,12 +37,13 @@ start_uaa() { --detach \ --name uaa \ --net ${DOCKER_NETWORK} \ - --publish 8080:8080 \ - --mount "type=bind,source=$MOUNT_UAA_CONF_DIR,target=/uaa" \ + --publish 8443:8443 \ + -v ${MOUNT_UAA_CONF_DIR}:/uaa \ + -v ${UAA_CONFIG_DIR}/server.xml:/layers/paketo-buildpacks_apache-tomcat/catalina-base/conf/server.xml \ --env UAA_CONFIG_PATH="/uaa" \ - --env JAVA_OPTS="-Djava.security.egd=file:/dev/./urandom" \ + --env JAVA_OPTS="-Djava.security.policy=unlimited -Djava.security.egd=file:/dev/./urandom" \ ${UAA_DOCKER_IMAGE} - + wait_for_oidc_endpoint uaa $UAA_URL end "UAA is ready" } diff --git a/selenium/bin/gen-env-file b/selenium/bin/gen-env-file index 60c4b4bfc50d..33d745c90615 100755 --- a/selenium/bin/gen-env-file +++ b/selenium/bin/gen-env-file @@ -1,7 +1,10 @@ #!/usr/bin/env bash SCRIPT="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )" -#set -x +if [[ ! -z "${DEBUG}" ]]; then + set -x +fi + ENV_FILE="/tmp/rabbitmq/.env" FIND_PATH=$1 @@ -13,6 +16,11 @@ generate_env_file() { mkdir -p $parentdir echo "#!/usr/bin/env bash" > $ENV_FILE echo "set -u" >> $ENV_FILE +<<<<<<< HEAD +======= + echo "export SELENIUM=${SCRIPT}/.." >> $ENV_FILE + echo "export TEST_CONFIG_PATH=${FIND_PATH}" >> $ENV_FILE +>>>>>>> 6bf27a212f (Use tls in oauth providers and rabbitmq) declare -a FILE_ARRAY for f in $($SCRIPT/find-template-files $FIND_PATH "env") diff --git a/selenium/bin/suite_template b/selenium/bin/suite_template index faad7cbb8031..ecad529b1985 100644 --- a/selenium/bin/suite_template +++ b/selenium/bin/suite_template @@ -30,9 +30,9 @@ find_selenium_dir() { SELENIUM_ROOT_FOLDER=$(find_selenium_dir $SCRIPT) TEST_DIR=$SELENIUM_ROOT_FOLDER/test BIN_DIR=$SELENIUM_ROOT_FOLDER/bin -LOGS=${SELENIUM_ROOT_FOLDER}/logs/${SUITE} SCREENS=${SELENIUM_ROOT_FOLDER}/screens/${SUITE} CONF_DIR=/tmp/selenium/${SUITE} +LOGS=${CONF_DIR}/logs ENV_FILE=$CONF_DIR/.env rm -rf $CONF_DIR @@ -132,7 +132,7 @@ build_mocha_image() { tag=($(md5sum $SELENIUM_ROOT_FOLDER/package.json)) print "> tag : $tag" if [[ $(docker images -q mocha-test:$tag 2> /dev/null) == "" ]]; then - docker build -t mocha-test:$tag --target test $SCRIPT/.. + docker build -t mocha-test:$tag --target test $SELENIUM_ROOT_FOLDER print "> Built docker image mocha-test:$tag" fi end "mocha-test image exists" @@ -170,13 +170,13 @@ wait_for_oidc_endpoint() { wait_for_oidc_endpoint_local() { NAME=$1 BASE_URL=$2 - CURL_ARGS="-L --fail " + CURL_ARGS="-k --tlsv1.2 -L --fail " DELAY_BETWEEN_ATTEMPTS=5 if [[ $# -eq 3 ]]; then CURL_ARGS="$CURL_ARGS --cacert $3" DELAY_BETWEEN_ATTEMPTS=10 fi - max_retry=10 + max_retry=15 counter=0 print "Waiting for OIDC discovery endpoint $NAME ... (BASE_URL: $BASE_URL)" until (curl $CURL_ARGS ${BASE_URL}/.well-known/openid-configuration >/dev/null 2>&1) @@ -191,7 +191,7 @@ wait_for_oidc_endpoint_local() { wait_for_oidc_endpoint_docker() { NAME=$1 BASE_URL=$2 - CURL_ARGS="-L --fail " + CURL_ARGS="-k --tlsv1.2 -L --fail " DOCKER_ARGS="--rm --net ${DOCKER_NETWORK} " DELAY_BETWEEN_ATTEMPTS=5 if [[ $# -gt 2 ]]; then @@ -199,7 +199,7 @@ wait_for_oidc_endpoint_docker() { CURL_ARGS="$CURL_ARGS --cacert /tmp/ca_certificate.pem" DELAY_BETWEEN_ATTEMPTS=10 fi - max_retry=10 + max_retry=15 counter=0 print "Waiting for OIDC discovery endpoint $NAME ... (BASE_URL: $BASE_URL)" until (docker run $DOCKER_ARGS curlimages/curl:7.85.0 $CURL_ARGS ${BASE_URL}/.well-known/openid-configuration >/dev/null 2>&1) @@ -333,9 +333,11 @@ _test() { --env SELENIUM_POLLING=${SELENIUM_POLLING} \ --env PROFILES="${PROFILES}" \ --env ENV_FILE="/code/.env" \ + --env RABBITMQ_CERTS=/etc/rabbitmq/certs \ --env NODE_EXTRA_CA_CERTS=/nodejs/ca.pem \ -v ${MOUNT_NODE_EXTRA_CA_CERTS}:/nodejs/ca.pem \ -v ${TEST_DIR}:/code/test \ + -v ${TEST_CONFIG_DIR}/certs:/etc/rabbitmq/certs \ -v ${SCREENS}:/screens \ -v ${ENV_FILE}:/code/.env \ mocha-test:${mocha_test_tag} test /code/test${TEST_CASES_PATH} @@ -371,10 +373,104 @@ profiles_with_local_or_docker() { generate_env_file() { begin "Generating env file ..." mkdir -p $CONF_DIR - ${BIN_DIR}/gen-env-file $TEST_CONFIG_DIR $ENV_FILE - source $ENV_FILE + ${BIN_DIR}/gen-env-file $TEST_CONFIG_DIR $ENV_FILE + source $ENV_FILE end "Finished generating env file." } +generate-ca-server-client-kpi() { + NAME=$1 + FOLDER=$2 + if [[ ! -f "${FOLDER}/server_${NAME}_key.pem" ]]; then + do_generate-ca-server-client-kpi $1 $2 + fi +} +do_generate-ca-server-client-kpi() { + NAME=$1 + FOLDER=$2 + ROOT=$SELENIUM_ROOT_FOLDER + + begin "Generate certs for $NAME" + + if [ ! -d "$ROOT/tls-gen" ]; then + git clone https://github.com/michaelklishin/tls-gen $ROOT/tls-gen + fi + + print "Generating CA and Server (localhost and $NAME) PKI under $FOLDER ..." + mkdir -p $FOLDER + + CUR_DIR=$(pwd) + cd $ROOT/tls-gen/basic + cp openssl.cnf openssl.cnf.bak + if [ -f "$FOLDER/openssl.cnf.in" ]; then + cp $FOLDER/openssl.cnf.in >> openssl.cnf + fi + if [[ ! -z "${DEBUG}" ]]; then + print "Used this openssl.conf" + cat openssl.cnf + fi + make CN=$NAME CLIENT_ALT_NAME=internaluser + cp openssl.cnf.bak openssl.cnf + cd $CUR_DIR + + cp $ROOT/tls-gen/basic/result/ca_certificate.pem $FOLDER/ca_${NAME}_certificate.pem + cp $ROOT/tls-gen/basic/result/server_${NAME}_certificate.pem $FOLDER + cp $ROOT/tls-gen/basic/result/server_${NAME}_key.pem $FOLDER + cp $ROOT/tls-gen/basic/result/server_${NAME}.p12 $FOLDER + cp $ROOT/tls-gen/basic/result/client_${NAME}_certificate.pem $FOLDER + cp $ROOT/tls-gen/basic/result/client_${NAME}_key.pem $FOLDER + cp $ROOT/tls-gen/basic/result/client_${NAME}.p12 $FOLDER + chmod ugo+r $FOLDER/*.pem + end "SSL Certificates generated for $NAME under $FOLDER" +} +generate-truststore-if-required() { + NAME=$1 + FOLDER=$2 + if [[ ! -f "${FOLDER}/truststore.jks" ]]; then + keytool -import \ + -trustcacerts \ + -file ${FOLDER}/ca_${NAME}_certificate.pem \ + -keystore ${FOLDER}/truststore.jks \ + -storepass foobar \ + -noprompt + fi +} +generate-server-keystore-if-required() { + NAME=$1 + FOLDER=$2 + if [ ! -f "${FOLDER}/server_${NAME}.jks" ]; then + keytool -importkeystore \ + -destkeystore ${FOLDER}/server_${NAME}.jks \ + -srckeystore ${FOLDER}/server_${NAME}.p12 \ + -deststoretype pkcs12 \ + -srcstoretype pkcs12 \ + -alias 1 \ + -destalias server-${NAME}-tls \ + -deststorepass foobar \ + -destkeypass foobar \ + -srcstorepass "" \ + -srckeypass "" \ + -noprompt + fi +} +generate-client-keystore-if-required() { + NAME=$1 + FOLDER=$2 + if [ ! -f "${FOLDER}/client_${NAME}.jks" ]; then + keytool -importkeystore \ + -destkeystore ${FOLDER}/client_${NAME}.jks \ + -srckeystore ${FOLDER}/client_${NAME}.p12 \ + -deststoretype pkcs12 \ + -srcstoretype pkcs12 \ + -alias 1 \ + -destalias client-${NAME}-tls \ + -deststorepass foobar \ + -destkeypass foobar \ + -srcstorepass "" \ + -srckeypass "" \ + -noprompt + fi +} + run() { runWith rabbitmq } @@ -420,13 +516,13 @@ elif [[ "$COMMAND" == "stop-rabbitmq" ]] fi } determine_required_components_including_rabbitmq() { - if [[ "$@" != *"rabbitmq"* ]]; then - REQUIRED_COMPONENTS+=("rabbitmq") - fi for (( i=1; i<=$#; i++)) { eval val='$'$i REQUIRED_COMPONENTS+=( "$val" ) } + if [[ "$@" != *"rabbitmq"* ]]; then + REQUIRED_COMPONENTS+=("rabbitmq") + fi } determine_required_components_excluding_rabbitmq() { for (( i=1; i<=$#; i++)) { @@ -489,7 +585,7 @@ test_local() { export RABBITMQ_AMQP_PASSWORD=${RABBITMQ_AMQP_PASSWORD} export SELENIUM_TIMEOUT=${SELENIUM_TIMEOUT:-20000} export SELENIUM_POLLING=${SELENIUM_POLLING:-500} - + print "> SELENIUM_TIMEOUT: ${SELENIUM_TIMEOUT}" print "> SELENIUM_POLLING: ${SELENIUM_POLLING}" print "> RABBITMQ_HOST: ${RABBITMQ_HOST}" diff --git a/selenium/fakeportal/app.js b/selenium/fakeportal/app.js index ea0ff1a37021..5b8d422d0375 100644 --- a/selenium/fakeportal/app.js +++ b/selenium/fakeportal/app.js @@ -56,8 +56,9 @@ function access_token(id, secret) { if (req.status == 200) { const token = JSON.parse(req.responseText).access_token; console.log("Token => " + token) - return token; + return token } else { - throw new Error(req.status + " : " + req.responseText); + throw new Error(req.status + " : " + " : " + + req.response + " : " + req.responseText) } } diff --git a/selenium/full-suite-authnz-messaging b/selenium/full-suite-authnz-messaging index 5eec8081fa62..b86198f7a759 100644 --- a/selenium/full-suite-authnz-messaging +++ b/selenium/full-suite-authnz-messaging @@ -4,6 +4,7 @@ authnz-messaging/auth-http-backend.sh authnz-messaging/auth-http-internal-backends-with-internal.sh authnz-messaging/auth-http-internal-backends.sh authnz-messaging/auth-internal-backend.sh +authnz-messaging/auth-internal-mtls-backend.sh authnz-messaging/auth-internal-http-backends.sh authnz-messaging/auth-ldap-backend.sh authnz-messaging/auth-http-backend.sh diff --git a/selenium/short-suite-management-ui b/selenium/short-suite-management-ui index dd0c79f0f889..30f2e1e803dc 100644 --- a/selenium/short-suite-management-ui +++ b/selenium/short-suite-management-ui @@ -1,5 +1,6 @@ authnz-mgt/basic-auth.sh authnz-mgt/oauth-with-keycloak.sh +authnz-mgt/oauth-with-uaa.sh mgt/vhosts.sh mgt/exchanges.sh mgt/limits.sh diff --git a/selenium/suites/authnz-messaging/auth-internal-backend.sh b/selenium/suites/authnz-messaging/auth-internal-backend.sh index a3f49c7ecf96..b513001e1f6c 100755 --- a/selenium/suites/authnz-messaging/auth-internal-backend.sh +++ b/selenium/suites/authnz-messaging/auth-internal-backend.sh @@ -3,7 +3,7 @@ SCRIPT="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )" TEST_CASES_PATH=/authnz-msg-protocols -PROFILES="internal-user auth_backends-internal " +PROFILES="internal-user auth_backends-internal" source $SCRIPT/../../bin/suite_template run diff --git a/selenium/suites/authnz-messaging/auth-internal-mtls-backend.sh b/selenium/suites/authnz-messaging/auth-internal-mtls-backend.sh new file mode 100755 index 000000000000..df92f9d9cd43 --- /dev/null +++ b/selenium/suites/authnz-messaging/auth-internal-mtls-backend.sh @@ -0,0 +1,9 @@ +#!/usr/bin/env bash + +SCRIPT="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )" + +TEST_CASES_PATH=/authnz-msg-protocols +PROFILES="internal-user auth_backends-internal tls auth-mtls" + +source $SCRIPT/../../bin/suite_template +run diff --git a/selenium/suites/authnz-mgt/basic-auth-behind-proxy.sh b/selenium/suites/authnz-mgt/basic-auth-behind-proxy.sh index 17c83430ebc9..5fc83d8d9818 100755 --- a/selenium/suites/authnz-mgt/basic-auth-behind-proxy.sh +++ b/selenium/suites/authnz-mgt/basic-auth-behind-proxy.sh @@ -6,4 +6,4 @@ TEST_CASES_PATH=/basic-auth PROFILES="proxy" source $SCRIPT/../../bin/suite_template -runWith proxy +runWith rabbitmq proxy diff --git a/selenium/suites/authnz-mgt/oauth-idp-initiated-with-uaa-and-prefix-via-proxy.sh b/selenium/suites/authnz-mgt/oauth-idp-initiated-with-uaa-and-prefix-via-proxy.sh index efbc223badc1..1217a386a998 100755 --- a/selenium/suites/authnz-mgt/oauth-idp-initiated-with-uaa-and-prefix-via-proxy.sh +++ b/selenium/suites/authnz-mgt/oauth-idp-initiated-with-uaa-and-prefix-via-proxy.sh @@ -7,4 +7,4 @@ TEST_CONFIG_PATH=/oauth PROFILES="uaa fakeportal fakeproxy fakeportal-mgt-oauth-provider idp-initiated mgt-prefix uaa-oauth-provider" source $SCRIPT/../../bin/suite_template $@ -runWith uaa fakeportal fakeproxy +runWith rabbitmq uaa fakeportal fakeproxy diff --git a/selenium/suites/authnz-mgt/oauth-idp-initiated-with-uaa-via-proxy.sh b/selenium/suites/authnz-mgt/oauth-idp-initiated-with-uaa-via-proxy.sh index 1de40086af1d..fc348fb5e189 100755 --- a/selenium/suites/authnz-mgt/oauth-idp-initiated-with-uaa-via-proxy.sh +++ b/selenium/suites/authnz-mgt/oauth-idp-initiated-with-uaa-via-proxy.sh @@ -7,4 +7,4 @@ TEST_CONFIG_PATH=/oauth PROFILES="uaa fakeportal fakeproxy fakeportal-mgt-oauth-provider idp-initiated uaa-oauth-provider" source $SCRIPT/../../bin/suite_template $@ -runWith uaa fakeportal fakeproxy +runWith rabbitmq uaa fakeportal fakeproxy diff --git a/selenium/suites/authnz-mgt/oauth-with-uaa.sh b/selenium/suites/authnz-mgt/oauth-with-uaa.sh index 2e382ab2c5f2..02c2e4c2ad0b 100755 --- a/selenium/suites/authnz-mgt/oauth-with-uaa.sh +++ b/selenium/suites/authnz-mgt/oauth-with-uaa.sh @@ -4,7 +4,7 @@ SCRIPT="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )" TEST_CASES_PATH=/oauth/with-sp-initiated TEST_CONFIG_PATH=/oauth -PROFILES="uaa uaa-oauth-provider uaa-mgt-oauth-provider" +PROFILES="uaa uaa-oauth-provider uaa-mgt-oauth-provider tls" source $SCRIPT/../../bin/suite_template $@ runWith uaa diff --git a/selenium/test/authnz-msg-protocols/amqp10.js b/selenium/test/authnz-msg-protocols/amqp10.js index 0901ae039ce3..98dedfdb421a 100644 --- a/selenium/test/authnz-msg-protocols/amqp10.js +++ b/selenium/test/authnz-msg-protocols/amqp10.js @@ -15,7 +15,10 @@ describe('Having AMQP 1.0 protocol enabled and the following auth_backends: ' + let expectations = [] let username = process.env.RABBITMQ_AMQP_USERNAME let password = process.env.RABBITMQ_AMQP_PASSWORD - + let usemtls = process.env.AMQP_USE_MTLS + let amqpClientCommand = "npm run amqp10_roundtriptest" + + (usemtls ? "" : " " + username + " " + password) + before(function () { if (backends.includes("http") && username.includes("http")) { reset() @@ -36,9 +39,8 @@ describe('Having AMQP 1.0 protocol enabled and the following auth_backends: ' + } }) - it('can open an AMQP 1.0 connection', function () { - execSync("npm run amqp10_roundtriptest -- " + username + " " + password) - + it('can open an AMQP 1.0 connection', function () { + console.log(execSync(amqpClientCommand).toString()) }) after(function () { diff --git a/selenium/test/authnz-msg-protocols/env.auth-mtls b/selenium/test/authnz-msg-protocols/env.auth-mtls new file mode 100644 index 000000000000..d00282f8e180 --- /dev/null +++ b/selenium/test/authnz-msg-protocols/env.auth-mtls @@ -0,0 +1,2 @@ +export MQTT_USE_MTLS=true +export AMQP_USE_MTLS=true diff --git a/selenium/test/authnz-msg-protocols/env.tls b/selenium/test/authnz-msg-protocols/env.tls new file mode 100644 index 000000000000..73854e5666ea --- /dev/null +++ b/selenium/test/authnz-msg-protocols/env.tls @@ -0,0 +1,2 @@ +export MQTT_PROTOCOL=mqtts +export RABBITMQ_MQTT_URL=mqtts://rabbitmq:8883 diff --git a/selenium/test/authnz-msg-protocols/mqtt.js b/selenium/test/authnz-msg-protocols/mqtt.js index 8a665c871834..5b120f20e36b 100644 --- a/selenium/test/authnz-msg-protocols/mqtt.js +++ b/selenium/test/authnz-msg-protocols/mqtt.js @@ -1,3 +1,4 @@ +const fs = require('fs') const assert = require('assert') const { tokenFor, openIdConfiguration } = require('../utils') const { reset, expectUser, expectVhost, expectResource, allow, verifyAll } = require('../mock_http_backend') @@ -14,11 +15,14 @@ for (const element of profiles.split(" ")) { describe('Having MQTT protocol enbled and the following auth_backends: ' + backends, function () { let mqttOptions let expectations = [] - let client_id = 'selenium-client' + let mqttProtocol = process.env.MQTT_PROTOCOL || 'mqtt' + let usemtls = process.env.MQTT_USE_MTLS || false let rabbit = process.env.RABBITMQ_HOSTNAME || 'localhost' + let mqttUrl = process.env.RABBITMQ_MQTT_URL || "mqtt://" + rabbit + ":1883" let username = process.env.RABBITMQ_AMQP_USERNAME let password = process.env.RABBITMQ_AMQP_PASSWORD - + let client_id = process.env.RABBITMQ_AMQP_USERNAME || 'selenium-client' + before(function () { if (backends.includes("http") && username.includes("http")) { reset() @@ -36,17 +40,26 @@ describe('Having MQTT protocol enbled and the following auth_backends: ' + backe mqttOptions = { clientId: client_id, protocolId: 'MQTT', + protocol: mqttProtocol, protocolVersion: 4, keepalive: 10000, clean: false, - reconnectPeriod: '1000', - username: username, - password: password, + reconnectPeriod: '1000' + } + if (mqttProtocol == 'mqtts') { + mqttOptions["ca"] = [fs.readFileSync(process.env.RABBITMQ_CERTS + "/ca_rabbitmq_certificate.pem")] + } + if (usemtls) { + mqttOptions["cert"] = fs.readFileSync(process.env.RABBITMQ_CERTS + "/client_rabbitmq_certificate.pem") + mqttOptions["key"] = fs.readFileSync(process.env.RABBITMQ_CERTS + "/client_rabbitmq_key.pem") + } else { + mqttOptions["username"] = username + mqttOptions["password"] = password } }) it('can open an MQTT connection', function () { - var client = mqtt.connect("mqtt://" + rabbit + ":1883", mqttOptions) + var client = mqtt.connect(mqttUrl, mqttOptions) client.on('error', function(err) { assert.fail("Mqtt connection failed due to " + err) client.end() diff --git a/selenium/test/authnz-msg-protocols/rabbitmq.auth-mtls.conf b/selenium/test/authnz-msg-protocols/rabbitmq.auth-mtls.conf new file mode 100644 index 000000000000..9f40857d94fb --- /dev/null +++ b/selenium/test/authnz-msg-protocols/rabbitmq.auth-mtls.conf @@ -0,0 +1,13 @@ + +auth_mechanisms.1 = EXTERNAL + +ssl_cert_login_from = subject_alternative_name +ssl_cert_login_san_type = dns +ssl_cert_login_san_index = 1 +ssl_options.verify = verify_peer +ssl_options.fail_if_no_peer_cert = true + +mqtt.ssl_cert_login = true +mqtt.ssl_cert_client_id_from = subject_alternative_name +mqtt.ssl_cert_login_san_type = dns +mqtt.ssl_cert_login_san_index = 1 diff --git a/selenium/test/authnz-msg-protocols/rabbitmq.tls.conf b/selenium/test/authnz-msg-protocols/rabbitmq.tls.conf new file mode 100644 index 000000000000..8478c874bf2f --- /dev/null +++ b/selenium/test/authnz-msg-protocols/rabbitmq.tls.conf @@ -0,0 +1,13 @@ + +listeners.ssl.1 = 5671 + +ssl_options.cacertfile = ${RABBITMQ_CERTS}/ca_rabbitmq_certificate.pem +ssl_options.certfile = ${RABBITMQ_CERTS}/server_rabbitmq_certificate.pem +ssl_options.keyfile = ${RABBITMQ_CERTS}/server_rabbitmq_key.pem + +management.ssl.port = 15671 +management.ssl.cacertfile = ${RABBITMQ_CERTS}/ca_rabbitmq_certificate.pem +management.ssl.certfile = ${RABBITMQ_CERTS}/server_rabbitmq_certificate.pem +management.ssl.keyfile = ${RABBITMQ_CERTS}/server_rabbitmq_key.pem + +mqtt.listeners.ssl.default = 8883 diff --git a/selenium/test/env.docker b/selenium/test/env.docker index 1d058b9f4e88..f4f43406b01f 100644 --- a/selenium/test/env.docker +++ b/selenium/test/env.docker @@ -2,3 +2,4 @@ export RABBITMQ_SCHEME=http export RABBITMQ_HOSTNAME=rabbitmq export RABBITMQ_HOST=rabbitmq:15672 export IMPORT_DIR=/var/rabbitmq/imports +export RABBITMQ_CERTS=/etc/rabbitmq/certs diff --git a/selenium/test/env.local b/selenium/test/env.local index 8ec9aeac8fac..54202bca511a 100644 --- a/selenium/test/env.local +++ b/selenium/test/env.local @@ -1,3 +1,5 @@ export RABBITMQ_SCHEME=http export RABBITMQ_HOSTNAME=localhost export RABBITMQ_HOST=localhost:15672 +export RABBITMQ_CERTS=${TEST_CONFIG_PATH}/certs +export IMPORT_DIR=${TEST_CONFIG_PATH}/imports diff --git a/selenium/test/env.tls.docker b/selenium/test/env.tls.docker index e598d14b7439..a9caefca6df5 100644 --- a/selenium/test/env.tls.docker +++ b/selenium/test/env.tls.docker @@ -1,3 +1,5 @@ export RABBITMQ_SCHEME=https export RABBITMQ_HOSTNAME=rabbitmq export RABBITMQ_HOST=rabbitmq:15671 +export RABBITMQ_AMQP_SCHEME=amqps +export RABBITMQ_AMQP_PORT=5671 diff --git a/selenium/test/env.tls.local b/selenium/test/env.tls.local index e39b7b520c8a..1be7c45ba4a9 100644 --- a/selenium/test/env.tls.local +++ b/selenium/test/env.tls.local @@ -1,3 +1,6 @@ export RABBITMQ_SCHEME=https export RABBITMQ_HOSTNAME=localhost export RABBITMQ_HOST=localhost:15671 +export RABBITMQ_AMQP_SCHEME=amqps +export RABBITMQ_AMQP_PORT=5671 + diff --git a/selenium/test/multi-oauth/certs/ca_certificate.pem b/selenium/test/multi-oauth/certs/ca_certificate.pem deleted file mode 100644 index cd37bea304f5..000000000000 --- a/selenium/test/multi-oauth/certs/ca_certificate.pem +++ /dev/null @@ -1,21 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDezCCAmOgAwIBAgIJAOA06nrAwraBMA0GCSqGSIb3DQEBCwUAMEwxOzA5BgNV -BAMMMlRMU0dlblNlbGZTaWduZWR0Um9vdENBIDIwMjMtMTEtMTZUMTI6MjQ6NDcu -Mjg5MDkzMQ0wCwYDVQQHDAQkJCQkMB4XDTIzMTExNjExMjQ0N1oXDTMzMTExMzEx -MjQ0N1owTDE7MDkGA1UEAwwyVExTR2VuU2VsZlNpZ25lZHRSb290Q0EgMjAyMy0x -MS0xNlQxMjoyNDo0Ny4yODkwOTMxDTALBgNVBAcMBCQkJCQwggEiMA0GCSqGSIb3 -DQEBAQUAA4IBDwAwggEKAoIBAQDWJrvvUvpkiAhvIiciuTbFHRMC7VdOXdIM3y3I -Vt56Voj3dkCVitFcvTc+pkuqoQUaWRTc5M+875CaQSRIDfVyFTIGTyVXv6cZRcoz -0gcmYvopIJ4Wi5/xG9Qp8uJMtr+UBJ57ez6Urau/L3zETAVZA+y1bTylAlh4tjMH -I24bvyy4yNQbPtG4y5F9x484fn3H4x7lf6O/Xulcvy8vL1kyc/EgrF4fpjogwj58 -eQ5HLwbAlMRRxXxXX2U5tXlrv475WItp/1mhZ+j2yCMKB4tJ8tXbtpgou0JDtlN0 -8Jwm3+d5a6PxqynmgRAXStZ4Fda93Pa3FJfw1u63JrmOprG9AgMBAAGjYDBeMA8G -A1UdEwEB/wQFMAMBAf8wCwYDVR0PBAQDAgEGMB0GA1UdDgQWBBS2Icxjr1ucGCIx -ikeSG9igJf558jAfBgNVHSMEGDAWgBS2Icxjr1ucGCIxikeSG9igJf558jANBgkq -hkiG9w0BAQsFAAOCAQEAR0iG00uE2GnoWtaXEHYJTdvBBcStBB8qnRk19Qu/b8qd -HAhRGb31IiuYzNJxLxhOtXWQMKvsKPAKpPXP3c5XVAf2O156GoXEPkKQktF738Pp -rRlrQPqU9Qpm84rMC54EB7coxEs7HMx4do/kNaVPdqq++JIEAcWOEVKfudN+8TMR -XyUJT54jBacsTpAZNfY6boJmuQ+G6tkpQvlHOU6388IFuLPkYRO7h7CHVbDsMEXD -Ptg3PCK97nCVgs4xfQGR7nT2pawfEUQVMon/XShtXY0RIKpynwrgICHDdvMXRXlG -a4haA7sz8Wyroy6Ub5+X3s4YRumSQrhiwRzqU+f75A== ------END CERTIFICATE----- diff --git a/selenium/test/multi-oauth/certs/server_rabbitmq_certificate.pem b/selenium/test/multi-oauth/certs/server_rabbitmq_certificate.pem index ef57ff61a411..bba7df99d6a7 100644 --- a/selenium/test/multi-oauth/certs/server_rabbitmq_certificate.pem +++ b/selenium/test/multi-oauth/certs/server_rabbitmq_certificate.pem @@ -1,23 +1,22 @@ -----BEGIN CERTIFICATE----- -MIIDxDCCAqygAwIBAgIBDTANBgkqhkiG9w0BAQsFADBMMTswOQYDVQQDDDJUTFNH -ZW5TZWxmU2lnbmVkdFJvb3RDQSAyMDIzLTExLTE2VDEyOjI0OjQ3LjI4OTA5MzEN -MAsGA1UEBwwEJCQkJDAeFw0yNDAyMDkwODE3MDFaFw0zNDAyMDYwODE3MDFaMCQx -ETAPBgNVBAMMCHJhYmJpdG1xMQ8wDQYDVQQKDAZzZXJ2ZXIwggEiMA0GCSqGSIb3 -DQEBAQUAA4IBDwAwggEKAoIBAQCjxmYRJeYfOnQ91ZSIZsjznnPiy0yukFnapF7Y -iIXxFCygEnw/hwqSG7ddkvDjNlc6P+K4rEEBmER87mEl0YqvAZ9/C6K4OANJFuD7 -kQYH3Uyt+aXJfeyByAjr8HM/jSHDZm5DpysVlSBMkJGg4sV9h38i0aT27+J0a4xm -Yb9pH+bbWKn4QflvOQi7IcyZ+PcB54/vCDZRtlypkT/6EuqTXqRHH9wGlYaos+Jo -XMQDWykYtN2160E1gUwW1OhdRlDHj21Tej9fYObRjb326au4e3ivTPqKYLYsSz0Y -dcRoM6SjvwGiAC131n2XeHyKTQrMeKOb+TTVHzJZG7iUM5iBAgMBAAGjgdgwgdUw -CQYDVR0TBAIwADALBgNVHQ8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsG -AQUFBwMCMCkGA1UdEQQiMCCCCHJhYmJpdG1xgglsb2NhbGhvc3SCCWxvY2FsaG9z -dDAdBgNVHQ4EFgQUs9vJtNmoNWybsVgMmeRqcPGXRckwHwYDVR0jBBgwFoAUtiHM -Y69bnBgiMYpHkhvYoCX+efIwMQYDVR0fBCowKDAmoCSgIoYgaHR0cDovL2NybC1z -ZXJ2ZXI6ODAwMC9iYXNpYy5jcmwwDQYJKoZIhvcNAQELBQADggEBAHxsmfxpoGZg -AlLu+Y62TQxqp2i+PqLJHuGBdB/93NV3S3P3tlDaqHwYt0mveS7ej+JXhw9wvSZz -jmejWePL08FXD9KPggRP4/SsG6Adf/5+vcofYR23I7D4y9hsrDqZezCurWZ4LY4X -dYmIQcI6IwgcjffWhsyt3CEbU+yVg6jrjVWv5sVPi3xZUu/dwpTdrdNzeUIFM8vf -H3BS8EcLwtaNR4snLJlFIhuDfDv7Ewi1FsmM4zkSe/aHboUNDduI2poRW/EPtbdM -zD1pVXNh1Q9hkqFCD7l4Vua+JVsA7PWD7yr73pm2ak6GfgjA7Enj0a6KbAfAXLMr -otRknmbKCUU= +MIIDujCCAqKgAwIBAgIBATANBgkqhkiG9w0BAQsFADBLMTowOAYDVQQDDDFUTFNH +ZW5TZWxmU2lnbmVkUm9vdENBIDIwMjQtMTEtMTRUMTQ6MDc6NTQuNzIzODUyMQ0w +CwYDVQQHDAQkJCQkMB4XDTI0MTExNDEzMDc1NFoXDTM0MTExMjEzMDc1NFowJDER +MA8GA1UEAwwIcmFiYml0bXExDzANBgNVBAoMBnNlcnZlcjCCASIwDQYJKoZIhvcN +AQEBBQADggEPADCCAQoCggEBAO+lLX4hl6pBOi8BNxOka5dxBblSIDUfES3yHwL2 +g/BoJv18DiBpLlT7262iUvrZk7WsGUdUccoikR8L9eArw04K8I8z7ATOMN7T/d8R +4Kn1Rcbgrm11d2xS4R9gXy7lbhOCk8LWHJtWptDyPhg6I8SztHB7dtvzv1AVvmtp +4QDYKN7YCJnF3+Uf9W2XJcH/rBU2mc0ow2EbTLoJug335bhIWJ7TVPS22BDy5xnP +7MDG14PMU/W9BhN5GzCEqeJzwhXjqij/JfGICHBJeGzqQ+J9Qjm3DYdGoCheZqxP +R1ml7ql14tBUIbgcJjlRCLSyaMLEOOOoLOrac5T/zT5YsV8CAwEAAaOBzzCBzDAJ +BgNVHRMEAjAAMAsGA1UdDwQEAwIFoDATBgNVHSUEDDAKBggrBgEFBQcDATAqBgNV +HREEIzAhgghyYWJiaXRtcYIKV0pSN0Q0RkhHWIIJbG9jYWxob3N0MB0GA1UdDgQW +BBTEYcfPgofNbHR6lT4AtYpmhDwa7DAfBgNVHSMEGDAWgBQlM1NJapUaVlk0O7o6 +p7NnIKxtcTAxBgNVHR8EKjAoMCagJKAihiBodHRwOi8vY3JsLXNlcnZlcjo4MDAw +L2Jhc2ljLmNybDANBgkqhkiG9w0BAQsFAAOCAQEAQ8lsUSlA50+RqyRr6kopSNxh +ytQ/qKLmCZk8kveUkNVJK0VXRgo7ufINBrPVPlli4kofTv7FLizbm9dRYn22cskm +LcUqOBoAgXQuevqM2sn/WEpybYH6HL3ETFol+/8r5zVTlrWFLOMEIlHFBIWs+LOr +Zv5uNLfxqOBtG7ClCKB5oqnvRrL7Re5klMTPdSLoayiegk641SfxVeuyHYBe74LD +HOV4NLUW7xm55A3FXW0mdUT1YbsKdCXM6q7Krkomq16s5c4sJtYDk+zGLOMdA6lT +00Jaz74RbWwvpbpoW5XGeldn4T02CXOWVTXp0Ur+Br/PdsiKdmkrNos9ecBuvg== -----END CERTIFICATE----- diff --git a/selenium/test/multi-oauth/certs/server_rabbitmq_key.pem b/selenium/test/multi-oauth/certs/server_rabbitmq_key.pem index f5df03f73df8..40387b485dd4 100644 --- a/selenium/test/multi-oauth/certs/server_rabbitmq_key.pem +++ b/selenium/test/multi-oauth/certs/server_rabbitmq_key.pem @@ -1,28 +1,28 @@ -----BEGIN PRIVATE KEY----- -MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCjxmYRJeYfOnQ9 -1ZSIZsjznnPiy0yukFnapF7YiIXxFCygEnw/hwqSG7ddkvDjNlc6P+K4rEEBmER8 -7mEl0YqvAZ9/C6K4OANJFuD7kQYH3Uyt+aXJfeyByAjr8HM/jSHDZm5DpysVlSBM -kJGg4sV9h38i0aT27+J0a4xmYb9pH+bbWKn4QflvOQi7IcyZ+PcB54/vCDZRtlyp -kT/6EuqTXqRHH9wGlYaos+JoXMQDWykYtN2160E1gUwW1OhdRlDHj21Tej9fYObR -jb326au4e3ivTPqKYLYsSz0YdcRoM6SjvwGiAC131n2XeHyKTQrMeKOb+TTVHzJZ -G7iUM5iBAgMBAAECggEAOdYOpW+k3NJfypZqZeEmhiIm+qig4+TGVphFhmJwKrrd -J4pfpm+iJAb1sm3588N0+nUlM+Jg8pc7WIM2e4yMVVFVaiBJzpS5VE5oFW8Zmh1k -vuuyyH1X0F08CVZY3NCSY9cAiZO3e1+2kFNdmlt7MuFu3HT8tNfyOPriEiXi2tSA -qmgUmMql305wYwjIp+mTP8X7YKKdIdCXwPC2E1Kj5SseEc9NYvHdmeJ3nZCVATbS -h8aP7HB5GpsDMHbnnFzOqPfxIPxYkJ4JqE0iGpw+SMYbIGLVkMEGodpWjBwZiaaI -EMeJJk3Qs/QvVLDxhSsFXsaLGLgYN0rItYX9dUyroQKBgQDOOLKJ9OPcm3sAWo9e -byRYegDPPM06Es5s0hF0Pr0u6X8F7fDnpS74XVMlWxZzvXWgZQNwC2nYaGfNpK5t -E2FxIC0S69W4m1L6sp2sTRLSJo5NiZc4kNVjGvnmgIrNqMhJK8pLOh5xx6/kAbpo -/lydhtXWP0omw5imFkh3bGQuZwKBgQDLTsCu01OCNuQs0Y9hgW/iHzRpX1aHvp8X -u8v/AtOS3z5a3WptrLah/HHM5B/4Hh9dW4uljuR0zTsk8dFD8lQ/mdxbXjPGEcN6 -QNe1Md2nV0xAZsW1Xp1iFDomS5xSn+qWDmR0EAXvs0hHMQnX1k7+dp2mK1whRwdM -z4mv0cZg1wKBgDnuzaFZ7aVs/GoGBt7FpFVCuPV/JDxbSihh/0tD0MvcBrY4uQOq -cP6O4SvOYglTwTa1CfkxC6Qi+H5Z9DJqTmaEXoVBQYIiCHarNQZRhKcK89EuhQ/8 -CCZWTrwFgnjyIIoFxkfJ5QGb0nrgTWjvhD8wwOP2VbN8IWcPPX5nMeGjAoGBAL7b -y59T3E2d4k8A3C2ZKcOJr9ZMHhuJJClPr45SxPRYh10eB0+2mC0xpFPIxQpUnPUz -f8GIh4fvMtrX+LBkyhp7ApbztH75Jh2ayeXcTk1OctLyqCBAFleAzaYtzS7z2XHN -SRh8AlaoY+4RZ0AsfDP+frkEc5T57Sx6mLNpp2Y5AoGAXG5BGedrCMa44Ugpux41 -saTIlaXUOObxdsGTLMOy1Ppb9LW5yk4kS8ObP3SksjUUZrRUO/BagLukgcaS038/ -AbNDU5lMCmMfwxPN2lulERhaIA1BeVgmOwJYY7nqXkL5Yibu0OXnvvbCkt0eLnp2 -ATZBECwIxNuB9pixRmDhXsM= +MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQDvpS1+IZeqQTov +ATcTpGuXcQW5UiA1HxEt8h8C9oPwaCb9fA4gaS5U+9utolL62ZO1rBlHVHHKIpEf +C/XgK8NOCvCPM+wEzjDe0/3fEeCp9UXG4K5tdXdsUuEfYF8u5W4TgpPC1hybVqbQ +8j4YOiPEs7Rwe3bb879QFb5raeEA2Cje2AiZxd/lH/VtlyXB/6wVNpnNKMNhG0y6 +CboN9+W4SFie01T0ttgQ8ucZz+zAxteDzFP1vQYTeRswhKnic8IV46oo/yXxiAhw +SXhs6kPifUI5tw2HRqAoXmasT0dZpe6pdeLQVCG4HCY5UQi0smjCxDjjqCzq2nOU +/80+WLFfAgMBAAECggEAH8tjcMOWMrF6vbfEjeeXmr0VDFRYD5QynEzuTl9Ue/Xl +jmYCHcy2p/HOYIgTyFJLpaPSqsMKYc4aQOs+UOKdg+Ixrl4uJykQFNA9c3YUv5fa +DRvMKJuYH5gTZC1OE5O++fmuDwCHRRjHAxvQnzg/fJ53ByFqUJ5TOJXZ8LhYcNr7 +P47OfZJb9t81YsrYPL6ZsRxw2a5Fc1C/Za2Wn7ZZbr4xx8CuBJ8WwQQWM+NjhHfD +Kb3I3n2sWzyy1JhGcQCHix/nQnrIMCZ3TDemwTIegvAKkHt+estvgWlxVOCBHb86 +lZrhweuMWCzwuRJhvKZ2Up71fMmyw6chZJwR2AHaIQKBgQD5G4ZuEckodnIlH6jU +9ps2AX114xNSnDBGOFn1pCE6gXQFtdLWvIyKpeQnFN9JUZoaQ2lp+pPQ+21O6ZXW +z/5LGp6N0HZDFKOm3Fu9RqEiI4TM5w9EnUjRoqhD8qKjk3ym97raVEvjFlMycqs8 +3L5oRGFCHIWreDA6zaSpQq2cEQKBgQD2RqEgKIKxNpYicroVkaGwLM3W3E0corNM +vj/oS2zwBJUgH7iwtDO+CBPd2FFQjwXi7DZwMzP1UyKOBxHUiTrFODtLj1NPp2BZ +X29HEDy3QHh1TrVb2gG+Psll/cdurq+G2knJqSDwWnAoVHe5jxt0jWxaVFWKzNl5 +pcc9Lu+mbwKBgQCU/RZ47KBQWA9LDtVukhQgx+FeybJ73TiuNvPvC/xnvpdC9w2k +K18vaaq8iSpG8sxlWt5IaXtRKZ+l6+UXdo0UJFaiYQTqeAStPuyLlxu2jGHYH3Yt +RpkP8OYMxajqhsKuJkqWXIaKyoZ2DMlH/IrRV9yHqwFznc3Szb3nEh890QKBgQCL +7BcRgVK3ws7MJajKJmLaCKquf54kPeBnItSGc4wiVkgv5zX0131qY4Z+DbAteAUd +J53KY50KrkA8t5GO0qUcdlViGb14zRz1yj4b/wKwDyYhaCWsWRGSeHPOycAsh31c +vdscg0YeqRN+Jnebas5riwpby/yKDtckwWaQwYERawKBgQDMqdNh0NqX+VyW786f +M45xgL61jMwO3FNPatQsj329WJ9PfHQprryR4zzNZ9XswENKVM7jLq3koJkHYVs/ +wk23Zn3daJxYqoftEdYxW2azsouHV7/kMT+kiUjr4pcaxGhWjRjANDgEcYkMz3g6 +Uuot3qdOvr7IW0O0vRGvmd6Ojw== -----END PRIVATE KEY----- diff --git a/selenium/test/multi-oauth/devkeycloak/ca_certificate.pem b/selenium/test/multi-oauth/devkeycloak/ca_certificate.pem deleted file mode 100644 index cd37bea304f5..000000000000 --- a/selenium/test/multi-oauth/devkeycloak/ca_certificate.pem +++ /dev/null @@ -1,21 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDezCCAmOgAwIBAgIJAOA06nrAwraBMA0GCSqGSIb3DQEBCwUAMEwxOzA5BgNV -BAMMMlRMU0dlblNlbGZTaWduZWR0Um9vdENBIDIwMjMtMTEtMTZUMTI6MjQ6NDcu -Mjg5MDkzMQ0wCwYDVQQHDAQkJCQkMB4XDTIzMTExNjExMjQ0N1oXDTMzMTExMzEx -MjQ0N1owTDE7MDkGA1UEAwwyVExTR2VuU2VsZlNpZ25lZHRSb290Q0EgMjAyMy0x -MS0xNlQxMjoyNDo0Ny4yODkwOTMxDTALBgNVBAcMBCQkJCQwggEiMA0GCSqGSIb3 -DQEBAQUAA4IBDwAwggEKAoIBAQDWJrvvUvpkiAhvIiciuTbFHRMC7VdOXdIM3y3I -Vt56Voj3dkCVitFcvTc+pkuqoQUaWRTc5M+875CaQSRIDfVyFTIGTyVXv6cZRcoz -0gcmYvopIJ4Wi5/xG9Qp8uJMtr+UBJ57ez6Urau/L3zETAVZA+y1bTylAlh4tjMH -I24bvyy4yNQbPtG4y5F9x484fn3H4x7lf6O/Xulcvy8vL1kyc/EgrF4fpjogwj58 -eQ5HLwbAlMRRxXxXX2U5tXlrv475WItp/1mhZ+j2yCMKB4tJ8tXbtpgou0JDtlN0 -8Jwm3+d5a6PxqynmgRAXStZ4Fda93Pa3FJfw1u63JrmOprG9AgMBAAGjYDBeMA8G -A1UdEwEB/wQFMAMBAf8wCwYDVR0PBAQDAgEGMB0GA1UdDgQWBBS2Icxjr1ucGCIx -ikeSG9igJf558jAfBgNVHSMEGDAWgBS2Icxjr1ucGCIxikeSG9igJf558jANBgkq -hkiG9w0BAQsFAAOCAQEAR0iG00uE2GnoWtaXEHYJTdvBBcStBB8qnRk19Qu/b8qd -HAhRGb31IiuYzNJxLxhOtXWQMKvsKPAKpPXP3c5XVAf2O156GoXEPkKQktF738Pp -rRlrQPqU9Qpm84rMC54EB7coxEs7HMx4do/kNaVPdqq++JIEAcWOEVKfudN+8TMR -XyUJT54jBacsTpAZNfY6boJmuQ+G6tkpQvlHOU6388IFuLPkYRO7h7CHVbDsMEXD -Ptg3PCK97nCVgs4xfQGR7nT2pawfEUQVMon/XShtXY0RIKpynwrgICHDdvMXRXlG -a4haA7sz8Wyroy6Ub5+X3s4YRumSQrhiwRzqU+f75A== ------END CERTIFICATE----- diff --git a/selenium/test/multi-oauth/devkeycloak/server_devkeycloak.p12 b/selenium/test/multi-oauth/devkeycloak/server_devkeycloak.p12 index 015ebc99a18b..e106d72dcd27 100644 Binary files a/selenium/test/multi-oauth/devkeycloak/server_devkeycloak.p12 and b/selenium/test/multi-oauth/devkeycloak/server_devkeycloak.p12 differ diff --git a/selenium/test/multi-oauth/devkeycloak/server_devkeycloak_certificate.pem b/selenium/test/multi-oauth/devkeycloak/server_devkeycloak_certificate.pem index 7c11ae263701..74169e5040a3 100644 --- a/selenium/test/multi-oauth/devkeycloak/server_devkeycloak_certificate.pem +++ b/selenium/test/multi-oauth/devkeycloak/server_devkeycloak_certificate.pem @@ -1,23 +1,23 @@ -----BEGIN CERTIFICATE----- -MIIDzDCCArSgAwIBAgIBCzANBgkqhkiG9w0BAQsFADBMMTswOQYDVQQDDDJUTFNH -ZW5TZWxmU2lnbmVkdFJvb3RDQSAyMDIzLTExLTE2VDEyOjI0OjQ3LjI4OTA5MzEN -MAsGA1UEBwwEJCQkJDAeFw0yNDAxMTMxMTU4MzRaFw0zNDAxMTAxMTU4MzRaMCcx -FDASBgNVBAMMC2RldmtleWNsb2FrMQ8wDQYDVQQKDAZzZXJ2ZXIwggEiMA0GCSqG -SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCt5/wvIdHr5FJvIWNiwoaict0G/pkHnUYs -VIHjLjeR59q5qAojrKRqs32D9eeKqikHv/xTp9dpOa8qwpho11bSs/HgnXZKie1F -fQG/8arfipHkODn10VoNtZ0Revu5on9h67kkgyjCk4WKG34o7ye4qacJhOAGV8LU -HJXyA1kPFCtZzvcobYwbpPENpV7MWfxqa9gIV6IZln7EttzcraDfsYIr44uLbfeC -2BcvJZP+JFXmTBZz0fbMfLsv6z5KF0pH4XKInINan9ajGLnE5SbvqMLHQ4KANwMP -Q8OLtU4is6wNAgAQmCYphmdd5k3m2fwXN+YeMohBGjdKz/cxnx7LAgMBAAGjgd0w -gdowCQYDVR0TBAIwADALBgNVHQ8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEG -CCsGAQUFBwMCMC4GA1UdEQQnMCWCC2RldmtleWNsb2FrggtkZXZrZXljbG9ha4IJ -bG9jYWxob3N0MB0GA1UdDgQWBBTaLvUjHU7ggs6aF7YUycglgDeQCjAfBgNVHSME -GDAWgBS2Icxjr1ucGCIxikeSG9igJf558jAxBgNVHR8EKjAoMCagJKAihiBodHRw -Oi8vY3JsLXNlcnZlcjo4MDAwL2Jhc2ljLmNybDANBgkqhkiG9w0BAQsFAAOCAQEA -i1wni0pi4RY1Txu3Lef5vd9FzUqKYBi2bcrMVliAmmCjKriwSP0/zd9LgoyC57/3 -WUZ3cLMSdmMc8go1QPEBmkwjtkw0HACN+XXOmocRimewmBhCQ5Lh90xuFJlk7snN -FbwQmohE6w+DvQAy8vseHS6WKeVsMCSPtQk2ID9/DEhSndQDJeYDpjrwUOn2B+Kf -WbHLryT//sk6xMq4++ljQEld1NU1z8bo1a5D2juH9724KlzZcE70nJOaCGLPdamt -e+p0kw7xlQH67+R1IaYgDNand62P7b+KZZML0B88QUC166ZeablncyFca5SMCYlS -z6HFKTiVN19ZgqC084RQOw== +MIIDwDCCAqigAwIBAgIBATANBgkqhkiG9w0BAQsFADBLMTowOAYDVQQDDDFUTFNH +ZW5TZWxmU2lnbmVkUm9vdENBIDIwMjQtMTEtMTRUMTQ6MDY6MjkuNjQwNzcxMQ0w +CwYDVQQHDAQkJCQkMB4XDTI0MTExNDEzMDYzMFoXDTM0MTExMjEzMDYzMFowJzEU +MBIGA1UEAwwLZGV2a2V5Y2xvYWsxDzANBgNVBAoMBnNlcnZlcjCCASIwDQYJKoZI +hvcNAQEBBQADggEPADCCAQoCggEBAI+qfG/X9HQIIWQFC9Ibj7dNOiWdwhpclgDB +h1e7oBM9fIBMKeU2M1xFPmSFigOB989dLZhBG5yypgZv+6jrMqnUF8fn0DVhUZag +FI8VNx8KFc0U5ENo+FFe8Isf7yrl4FPc1EychoHiGI2DKM3QdIDYQhtdlPKk5wig +vJEQopMmwsMGKfkw6ARVzTpv1FQmOn8MMHubT9L0AS4CkPcS7aartNJEzltBlx5V +lHQq3jumf8CpbionQFWWRjeGFdYZhL7cfYk4fYB3rvnVg8opzju4spdTU2gloZy6 +GGRhVeUGspbk8gh8ecF/83AwKuAkrwM/wMDwyKKeeq3QKHBJc9cCAwEAAaOB0jCB +zzAJBgNVHRMEAjAAMAsGA1UdDwQEAwIFoDATBgNVHSUEDDAKBggrBgEFBQcDATAt +BgNVHREEJjAkggtkZXZrZXljbG9ha4IKV0pSN0Q0RkhHWIIJbG9jYWxob3N0MB0G +A1UdDgQWBBTGCKXoyHd9jncVAeN3uiStdQbOPzAfBgNVHSMEGDAWgBRIFMiWpPs7 +k4WMbt9+JS/Box5EhDAxBgNVHR8EKjAoMCagJKAihiBodHRwOi8vY3JsLXNlcnZl +cjo4MDAwL2Jhc2ljLmNybDANBgkqhkiG9w0BAQsFAAOCAQEAQrIxS/Zr832lJV82 +3yYIql12rbT8vG6HYxwaJ2Bd1QFwk0nHMoTqJ5JQxH6mYY8NasjLFS15rrSGLMCt +4Ja8T/haUXzfxuOMFVDvvnexDXdldOPHycIsv+BMH/7CuDnnEgCiKLGVuHZIgE/k +igNvTVmk/gX8OR5tGxizMhIBa5Wer2kLBvJKl/gFniV3LCMlm20ufXvTpJSU4lms +u5AI/snnblD0HtZ+HQyKJM5WGj6PyFH620BBYvTFR3oFaEhaEmHNqQGiCQ+xvzpU +8P5crISfzcllXjfBxXCn/Ffft8y6I8TGxdRTrMoHHX5FJZWKZdaGH0JYQ4unWJ3s +1Ats7g== -----END CERTIFICATE----- diff --git a/selenium/test/multi-oauth/devkeycloak/server_devkeycloak_key.pem b/selenium/test/multi-oauth/devkeycloak/server_devkeycloak_key.pem index 9c2f3b11fda8..94392d234862 100644 --- a/selenium/test/multi-oauth/devkeycloak/server_devkeycloak_key.pem +++ b/selenium/test/multi-oauth/devkeycloak/server_devkeycloak_key.pem @@ -1,28 +1,28 @@ -----BEGIN PRIVATE KEY----- -MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCt5/wvIdHr5FJv -IWNiwoaict0G/pkHnUYsVIHjLjeR59q5qAojrKRqs32D9eeKqikHv/xTp9dpOa8q -wpho11bSs/HgnXZKie1FfQG/8arfipHkODn10VoNtZ0Revu5on9h67kkgyjCk4WK -G34o7ye4qacJhOAGV8LUHJXyA1kPFCtZzvcobYwbpPENpV7MWfxqa9gIV6IZln7E -ttzcraDfsYIr44uLbfeC2BcvJZP+JFXmTBZz0fbMfLsv6z5KF0pH4XKInINan9aj -GLnE5SbvqMLHQ4KANwMPQ8OLtU4is6wNAgAQmCYphmdd5k3m2fwXN+YeMohBGjdK -z/cxnx7LAgMBAAECggEAUJtrx8jsTWOqVfpq37b8wsVs77YI5n+erCOLhOrCNS37 -svxRntGB8Dc8IXNUnHBczkvNwFTWwt5K9A34qPfPNaDUp2E1GD2wLfpQWlDA/BZ1 -owvwyaD9FcetgxG3JgdM9e1WBreIqA/K4QX3Ry/7AFwaoY3mbOo20yxg0Cl/GT5j -DtI+RpNvA480yQWTjJBE3bk9S/9k38bAtRT9C6ArQqhkasXxBbuZiyb5GOvBZ3iN -hhMvgXrj2g038jbElWlo/uSLcsRadPnLAvXXROKrqLMnKTkv3BnqmPXQXdP0eNet -XoXAxbb8FbYtTxHceiyfwTOqtvUv+07wh8tiZDiUKQKBgQDg0QPFm2hqpMWPhsal -fwtVa7QMsF6MVaLB2eb3onZoQxZpWOXyeA7hfJz4iGiObM12EF98k+9G3Mg88gEI -RV+ENE7XI/YZcfQQsT4JNtR9CS0xDihSrmr80ndFburMT3oucpw/76AOs38Oof1q -cs3VLCYAIMHm6SHm1ylTN3bQvQKBgQDGBzPerVMnwntLPie1gAIYDIvlSim81nhm -Aa2jCIAgtogTXJ/WCtznvAxhDUsBG5Mn4oaS38oaBXSlnp0Vuz9ibZCMPxc2hADU -1GSpXl/xv9yC2HHjMeWWWPoF9Qtpo9x1XipkxYIeJYTulqaPXTd6YGSdQ7NENTuX -f0o5Sgy6JwKBgQCYKT+5To8kpvNESn9G4i8EmMobUIAd0ZRASkCGWQJ1XPrdQJsa -OmIwAcyodoL16vRBNaG7StFHkAVDIrTKKVIVw+Wcva1C2ZrMdXo8eEznd/+LVT67 -f2vQRI8PgpwOvrg+mbnhmEknyht0BvXjR2LDJodtzL4QkLguanCA72hOrQKBgBQw -w88eaO4S3DNNwQq2ZIBDNzhHmX3ReDEeVq/avAWZ1sHynbFbJi7Sc4iprE4Om7Bj -Xkk3XAnPKJeCVo3Sq6HDfgtum1VJnDQW+7RxFOM3JqqImwQJIFl19PgKhgFdXarx -0Oy5XozoUmdpIM5ZOMDXdyq5rltz+gF2TwEMVcPdAoGAVAr+aCEmFmvo1B+VoUYg -wMef7vU8CmSVXWFN9G+7vsJ5xbk6D1VLQf8+hTO2VvOjWfjMqxPuOT5Bz6lsKNh6 -wgzXljUx0ZB/9c6rXCf06IT+CvFWWr2j1hgaCSmDQ6x/FV0H6tV4oSIAztEuJfGk -Hl/FLnRCHMe1OqG/Gh/WjTQ= +MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQCPqnxv1/R0CCFk +BQvSG4+3TTolncIaXJYAwYdXu6ATPXyATCnlNjNcRT5khYoDgffPXS2YQRucsqYG +b/uo6zKp1BfH59A1YVGWoBSPFTcfChXNFORDaPhRXvCLH+8q5eBT3NRMnIaB4hiN +gyjN0HSA2EIbXZTypOcIoLyREKKTJsLDBin5MOgEVc06b9RUJjp/DDB7m0/S9AEu +ApD3Eu2mq7TSRM5bQZceVZR0Kt47pn/AqW4qJ0BVlkY3hhXWGYS+3H2JOH2Ad675 +1YPKKc47uLKXU1NoJaGcuhhkYVXlBrKW5PIIfHnBf/NwMCrgJK8DP8DA8Miinnqt +0ChwSXPXAgMBAAECggEACVm9zqO+H901myZu7gZoNLR8j900OHYFN1hhQDcQhKAQ +XeNXKLl930gMdwtv/6lyYRc98/Zs3yaLgsjAFu7z9bS9tX+jgA3s+wJBREzLsSP9 +ZkMxVifbXaRxwIRcEy0yDBNH6BKZ+JMoKPG78qVaJ9ares989cwA04FutHxiMHSQ +6ScywMspOrknJPbosoikJ3tg4vCvCVugrXpjieojuvpmeNSY3HThsudPXR6V1fZD +iLvUS8hZuHJV0tCsWyGho6qvTGrv6bvpsorPq4zyuMwxNx9Wl7Fo2fZHACdAAnOk +LF7Hjz9YUdI1oq+05nq+dApf5zkB9C9aEGjP7uwuuQKBgQDEHXxIex0TAh3Ne/72 +wAvhjQ7+3csuNXb1mgjI7vJlKl6+uza6WiD0MtALQG1LL3Y4IKZVcvhfVL72Id8q +op3a9asiE3+E1Y07abzgwG3uuWj7SmXvmxURhl90Jlm4zAOioJUb4sTXfRCCyVSR +CfoC5g3Na4k0gv8fUNbMVU6s2QKBgQC7iP6HQiBQaMs6Ka/fgKMkwOx1Bpjylv8w +TT4MjWIAmfDefWD6tEq6hPP66E2OdBndJ/UcZly7NIMImJP5KqlRyLF24ZaAiNZC +j+ppVy2OzV34GW4VBxIH0+h+GyUpdsdO+ou8suGzisXWFfUpp52Ei9DRPQsVLWC+ +rLaZ2SJ4LwKBgQCVeyf9EyHxGB7hPg7zwyQLMnpol2PD/+qBf3wMs9y8cZQv6wDm +/8W4fHaI7P2hXjbMx04hOXXJLA42C1FP7Q1HFRPw8E21URTKYWkfIm1olZhIWcfi +3yEq73IYVRb0PUTUE3Q0AiApY+FO3uh/eMxAo1uH5Nx60xJkqzheHPPP2QKBgQCx +y2asa3fhZAjQorcX6YhCjxletZuJ2rgjXgfmtJ/mPAxNk4a/CPEUNnptNZJZ7R6c +Ooa6nx1papaULruTbevLGr+NGsCqKZEg1/qAVmNd0Lw3PDzOeL6SZ0gzTp8D2ZWJ +/iU/CETNCFMZ7gVZsYy4HioiRYJdWIExJOOVpnN0hwKBgQCy7iod/gAJagOURPhu +6AievvlIc7XvNnEwvFS0uCqmGzvhdHtFriBFGIYMH5Ea+DDnL9efl529r/TthWzv +ocz7lWDMlH4Vyzqs+Tt4UHWCu1gDh4UAVga6AS+DbCVzKleseWxKgxjMD96f+7LT +FRNf7QlGgk0Ei6aQZ+p3gfva7w== -----END PRIVATE KEY----- diff --git a/selenium/test/multi-oauth/env.docker.devkeycloak b/selenium/test/multi-oauth/env.docker.devkeycloak index 8b1ad3234463..a5cc4c924dfc 100644 --- a/selenium/test/multi-oauth/env.docker.devkeycloak +++ b/selenium/test/multi-oauth/env.docker.devkeycloak @@ -1,2 +1,2 @@ export DEVKEYCLOAK_URL=https://devkeycloak:8442/realms/dev -export DEVKEYCLOAK_CA_CERT=/config/oauth/keycloak/ca_certificate.pem +export DEVKEYCLOAK_CA_CERT=/config/multi-oauth/devkeycloak/ca_devkeycloak_certificate.pem diff --git a/selenium/test/multi-oauth/env.docker.prodkeycloak b/selenium/test/multi-oauth/env.docker.prodkeycloak index e929f0246e9f..80554f60335c 100644 --- a/selenium/test/multi-oauth/env.docker.prodkeycloak +++ b/selenium/test/multi-oauth/env.docker.prodkeycloak @@ -1,2 +1,2 @@ export PRODKEYCLOAK_URL=https://prodkeycloak:8443/realms/prod -export PRODKEYCLOAK_CA_CERT=/config/oauth/keycloak/ca_certificate.pem +export PRODKEYCLOAK_CA_CERT=/config/multi-oauth/prodkeycloak/ca_prodkeycloak_certificate.pem diff --git a/selenium/test/multi-oauth/env.local.devkeycloak b/selenium/test/multi-oauth/env.local.devkeycloak index a1e2d5d596c2..1221403af156 100644 --- a/selenium/test/multi-oauth/env.local.devkeycloak +++ b/selenium/test/multi-oauth/env.local.devkeycloak @@ -1,2 +1,6 @@ export DEVKEYCLOAK_URL=https://localhost:8442/realms/dev +<<<<<<< HEAD export DEVKEYCLOAK_CA_CERT=deps/rabbitmq_management/selenium/test/multi-oauth/devkeycloak/ca_certificate.pem +======= +export DEVKEYCLOAK_CA_CERT=${SELENIUM}/test/multi-oauth/devkeycloak/ca_devkeycloak_certificate.pem +>>>>>>> 6bf27a212f (Use tls in oauth providers and rabbitmq) diff --git a/selenium/test/multi-oauth/env.local.prodkeycloak b/selenium/test/multi-oauth/env.local.prodkeycloak index e267b558cd49..9b2b7c60b786 100644 --- a/selenium/test/multi-oauth/env.local.prodkeycloak +++ b/selenium/test/multi-oauth/env.local.prodkeycloak @@ -1,2 +1,6 @@ export PRODKEYCLOAK_URL=https://localhost:8443/realms/prod +<<<<<<< HEAD export PRODKEYCLOAK_CA_CERT=deps/rabbitmq_management/selenium/test/multi-oauth/prodkeycloak/ca_certificate.pem +======= +export PRODKEYCLOAK_CA_CERT=${SELENIUM}/test/multi-oauth/prodkeycloak/ca_prodkeycloak_certificate.pem +>>>>>>> 6bf27a212f (Use tls in oauth providers and rabbitmq) diff --git a/selenium/test/multi-oauth/prodkeycloak/ca_certificate.pem b/selenium/test/multi-oauth/prodkeycloak/ca_certificate.pem deleted file mode 100644 index cd37bea304f5..000000000000 --- a/selenium/test/multi-oauth/prodkeycloak/ca_certificate.pem +++ /dev/null @@ -1,21 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDezCCAmOgAwIBAgIJAOA06nrAwraBMA0GCSqGSIb3DQEBCwUAMEwxOzA5BgNV -BAMMMlRMU0dlblNlbGZTaWduZWR0Um9vdENBIDIwMjMtMTEtMTZUMTI6MjQ6NDcu -Mjg5MDkzMQ0wCwYDVQQHDAQkJCQkMB4XDTIzMTExNjExMjQ0N1oXDTMzMTExMzEx -MjQ0N1owTDE7MDkGA1UEAwwyVExTR2VuU2VsZlNpZ25lZHRSb290Q0EgMjAyMy0x -MS0xNlQxMjoyNDo0Ny4yODkwOTMxDTALBgNVBAcMBCQkJCQwggEiMA0GCSqGSIb3 -DQEBAQUAA4IBDwAwggEKAoIBAQDWJrvvUvpkiAhvIiciuTbFHRMC7VdOXdIM3y3I -Vt56Voj3dkCVitFcvTc+pkuqoQUaWRTc5M+875CaQSRIDfVyFTIGTyVXv6cZRcoz -0gcmYvopIJ4Wi5/xG9Qp8uJMtr+UBJ57ez6Urau/L3zETAVZA+y1bTylAlh4tjMH -I24bvyy4yNQbPtG4y5F9x484fn3H4x7lf6O/Xulcvy8vL1kyc/EgrF4fpjogwj58 -eQ5HLwbAlMRRxXxXX2U5tXlrv475WItp/1mhZ+j2yCMKB4tJ8tXbtpgou0JDtlN0 -8Jwm3+d5a6PxqynmgRAXStZ4Fda93Pa3FJfw1u63JrmOprG9AgMBAAGjYDBeMA8G -A1UdEwEB/wQFMAMBAf8wCwYDVR0PBAQDAgEGMB0GA1UdDgQWBBS2Icxjr1ucGCIx -ikeSG9igJf558jAfBgNVHSMEGDAWgBS2Icxjr1ucGCIxikeSG9igJf558jANBgkq -hkiG9w0BAQsFAAOCAQEAR0iG00uE2GnoWtaXEHYJTdvBBcStBB8qnRk19Qu/b8qd -HAhRGb31IiuYzNJxLxhOtXWQMKvsKPAKpPXP3c5XVAf2O156GoXEPkKQktF738Pp -rRlrQPqU9Qpm84rMC54EB7coxEs7HMx4do/kNaVPdqq++JIEAcWOEVKfudN+8TMR -XyUJT54jBacsTpAZNfY6boJmuQ+G6tkpQvlHOU6388IFuLPkYRO7h7CHVbDsMEXD -Ptg3PCK97nCVgs4xfQGR7nT2pawfEUQVMon/XShtXY0RIKpynwrgICHDdvMXRXlG -a4haA7sz8Wyroy6Ub5+X3s4YRumSQrhiwRzqU+f75A== ------END CERTIFICATE----- diff --git a/selenium/test/multi-oauth/prodkeycloak/server_prodkeycloak.p12 b/selenium/test/multi-oauth/prodkeycloak/server_prodkeycloak.p12 index 4e363100e505..83a87f72d68d 100644 Binary files a/selenium/test/multi-oauth/prodkeycloak/server_prodkeycloak.p12 and b/selenium/test/multi-oauth/prodkeycloak/server_prodkeycloak.p12 differ diff --git a/selenium/test/multi-oauth/prodkeycloak/server_prodkeycloak_certificate.pem b/selenium/test/multi-oauth/prodkeycloak/server_prodkeycloak_certificate.pem index f155d4123327..1e3fd2ef73f5 100644 --- a/selenium/test/multi-oauth/prodkeycloak/server_prodkeycloak_certificate.pem +++ b/selenium/test/multi-oauth/prodkeycloak/server_prodkeycloak_certificate.pem @@ -1,23 +1,23 @@ -----BEGIN CERTIFICATE----- -MIIDzzCCAregAwIBAgIBDDANBgkqhkiG9w0BAQsFADBMMTswOQYDVQQDDDJUTFNH -ZW5TZWxmU2lnbmVkdFJvb3RDQSAyMDIzLTExLTE2VDEyOjI0OjQ3LjI4OTA5MzEN -MAsGA1UEBwwEJCQkJDAeFw0yNDAxMTMxMTU4NDNaFw0zNDAxMTAxMTU4NDNaMCgx -FTATBgNVBAMMDHByb2RrZXljbG9hazEPMA0GA1UECgwGc2VydmVyMIIBIjANBgkq -hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyRzkMDxZj7DP52nc4voOCz07tfpam9Qp -JbqJFwCb9SQkL/feGA86+IuzRJW9N3RozM5jeIa+yV7Obf+km4FYxPP6SffEEeM9 -SEqMAz1BNfUxGvo4XI6TmJ2u7YK0haVPDRSIGNmJO1tZgceOU0WeUkpNaNh4yF+f -3AQEEtd78ywdR/NHnx6wFCEtlPkSIoBLUX0/lF78YLkDZRBCRasUWP3m3/StUYzx -6V7LtBfiUhSd2W6AvxUo8NLRu70wNUyVuwwUthEj8AxeyX1SH3UybA/OT68c64NH -gZauVdDbz7cBVJCJU2fGUO8+Rq/dS7lwRymee/nZ5iqg2cfCEIsehwIDAQABo4Hf -MIHcMAkGA1UdEwQCMAAwCwYDVR0PBAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMB -BggrBgEFBQcDAjAwBgNVHREEKTAnggxwcm9ka2V5Y2xvYWuCDHByb2RrZXljbG9h -a4IJbG9jYWxob3N0MB0GA1UdDgQWBBRHLuo22l4IoKXLxGFVjbG7bi6oJzAfBgNV -HSMEGDAWgBS2Icxjr1ucGCIxikeSG9igJf558jAxBgNVHR8EKjAoMCagJKAihiBo -dHRwOi8vY3JsLXNlcnZlcjo4MDAwL2Jhc2ljLmNybDANBgkqhkiG9w0BAQsFAAOC -AQEAnawpUvXok9AVLD2JSnFT3hzc5sRkMMuLLR9nskGpmp594mgMKebVOMh7x/OT -2/pO8RnqTyA5AB3DJPb+1bDBtFmcWaktOLOuYOw7GXvNRzTIRmW0i65l7cgnHOdU -U3JW/D/FozY02w5nVh14NDhgHs0BsDOJXUmogsmlvKFfeKiaB8vIz6wdLlA2eg6L -AQZNjiACNbzzd2C3duSDD6BhoImN0j7QsksPtwDwujAIFZcjlz7J11KRniDbecjq -cCc/gU/Ms8q8aahK84fG9UcPZJe6MtFY0B9AmiEmq2ImFlWWHUh33eSwIr37jywN -+8bxzT1vgTTqskv+wMbM+mQa2w== +MIIDwjCCAqqgAwIBAgIBATANBgkqhkiG9w0BAQsFADBLMTowOAYDVQQDDDFUTFNH +ZW5TZWxmU2lnbmVkUm9vdENBIDIwMjQtMTEtMTRUMTQ6MDc6MTIuMTg2NTg4MQ0w +CwYDVQQHDAQkJCQkMB4XDTI0MTExNDEzMDcxMloXDTM0MTExMjEzMDcxMlowKDEV +MBMGA1UEAwwMcHJvZGtleWNsb2FrMQ8wDQYDVQQKDAZzZXJ2ZXIwggEiMA0GCSqG +SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDB1c4MHWnuqDBZ6VMYyk16W5qVKmoQnm9c +bjXC5hkmUU7BitYjthT+udt5dtzcbPo0bJf9/YNsfG00EsT/8/rUufU6K3Uor6Dj +4r8Q1e/rm19KNChe79iJ7VzYu9yh/mVujVkLF51OgcKDFe7eDAGxhhpp9yG9WbWe +BG8Ueoqh4uIHekFE5+LizbjgDOrYwna8XXhThyJQqnAV+SL4GwkVe38S902Mf78Z +vnrWfUSuo0ZOigJr+7s2R4/nsvoCC8Ec6cMiJApqJ+9JED9/nLcCPSsdh4exD+cJ +dWOe7Jd1HyfjcQ5dGF6a8NS+o8JUzI2H6d961Q3hvzD44v4SgbYZAgMBAAGjgdMw +gdAwCQYDVR0TBAIwADALBgNVHQ8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwEw +LgYDVR0RBCcwJYIMcHJvZGtleWNsb2FrggpXSlI3RDRGSEdYgglsb2NhbGhvc3Qw +HQYDVR0OBBYEFHAbzqd72oqgHN5VZaJA94OxbVHxMB8GA1UdIwQYMBaAFPsm2Wgu +4Sjb0Z7Bb48ZuwAJA7VnMDEGA1UdHwQqMCgwJqAkoCKGIGh0dHA6Ly9jcmwtc2Vy +dmVyOjgwMDAvYmFzaWMuY3JsMA0GCSqGSIb3DQEBCwUAA4IBAQA+GaPVxIP2BUH4 +DUSiuLr3NB04qWFEhTC4dros6ebU0B9q9VwNdns7TsnTf1K0c3MEv7Q9lgBq1sds +PUP+oOygF/xunjup0a2Z4Dl13YWC8D/gsWMK5Lfhczjk9RFNRnzkysMfajXk5oA8 +i7Ne8Cw+ROzbNfP7b9d2KLYctfxTsUf9r52RFLyhDbDzhaZvpmeyBfq4VIUpi6Sa +vE+MaDgJzg2FnS3EoSBELcPvy0Vhdqy+DnbCviIdJm8U39Ht4ygFJnSbCV1c7xjv +64YKSPV7jECeDLhdo2rLNhiiN+5NLJvrC/Mj4919Etngr9oIyfX9TToNVTKtp3JT +HU3R+2KE -----END CERTIFICATE----- diff --git a/selenium/test/multi-oauth/prodkeycloak/server_prodkeycloak_key.pem b/selenium/test/multi-oauth/prodkeycloak/server_prodkeycloak_key.pem index b2cf9e44c515..3f92f6940607 100644 --- a/selenium/test/multi-oauth/prodkeycloak/server_prodkeycloak_key.pem +++ b/selenium/test/multi-oauth/prodkeycloak/server_prodkeycloak_key.pem @@ -1,28 +1,28 @@ -----BEGIN PRIVATE KEY----- -MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDJHOQwPFmPsM/n -adzi+g4LPTu1+lqb1CkluokXAJv1JCQv994YDzr4i7NElb03dGjMzmN4hr7JXs5t -/6SbgVjE8/pJ98QR4z1ISowDPUE19TEa+jhcjpOYna7tgrSFpU8NFIgY2Yk7W1mB -x45TRZ5SSk1o2HjIX5/cBAQS13vzLB1H80efHrAUIS2U+RIigEtRfT+UXvxguQNl -EEJFqxRY/ebf9K1RjPHpXsu0F+JSFJ3ZboC/FSjw0tG7vTA1TJW7DBS2ESPwDF7J -fVIfdTJsD85Prxzrg0eBlq5V0NvPtwFUkIlTZ8ZQ7z5Gr91LuXBHKZ57+dnmKqDZ -x8IQix6HAgMBAAECggEBAJ0IvzDe3rvxPtWedsiQogiqnoZA3yFQL3TzS3o3ko9+ -0fbWn4e/1LcgNjF2jpHPhsls2oTRCgYozh1cAUcfX5YiP6wkF+gzvLVG6D7bRKEC -PH6pJPs4pQ0FCwMQDS9R3gEDqCVnLt23PZO1o29oK/BrbjhQ1zb2W9erFxczROih -hHMpLucuY/X55/6QrbyosNqjXCTpoR98Bk6xnvMyuXuIwCgQCT6HD8yvKH3+gG06 -LOQ3t9jy+JIiiwX7l/JNJPYZr+ElXlZa4DGO15/91qcDZbBIsmGJsZHlaglojjUn -utyrqnai1jInZPMGvlZfuLkAuOPtJKMZdXoS8LzlcXkCgYEA+ukTVtlxYHtGb84I -xR2YQ7Zn1pYJj6Sc01wQuo+oHpFuOpi/VUGrsnKN9W1bxL7T8TJC0Rjffz7mfuGs -5YoWFOplVju0sG1KtpQ2qBKAaMiGsPoa4L2VbZnlyzQj1rDa0RYwW+zNnbGfipdg -jqfsjknvGA/aaLgbkMv0ZH5GJyMCgYEAzTE6P3EcZheU+swDUwpoOYkVRCH39xy5 -roX0VLwpU7ARUqgmBj22Z1dnh9WM1+9Rc+LYFOtY1C1IWfPy/x/edJel5hHW+8EF -80kYp3Hv6CfYWlVDDxbmzpN8lHnYKigR/eKVq32jSMoQ4NTduwBb3NkMHHQG3cft -885zPFrLU00CgYEAx7sLmwICn4PiIRQIpSiW0af85rOOrtqhwBo0ct3yPUsVTO3U -uQBKtgU8fdbsyyQAwKp6x8od90PR5cSthhcy1rlzq35hqmOFqus2yvnXYBHoLi8Z -gDdKIPH2G5jIwpkLxo78NeC+GL6ROpif009XHjk6a5QLD3sm7k98nxZpr7MCgYBD -Oj27S3PifxdwlCcCrgY305IEIJz9eYvcgkbq/DsOEEGcszrCELYSZbCl8HGUzfQB -4/Cn6fPQkIWD80lKDUb1LDpOhsnI8hThALHzKoFPrr5T2lt+NiKoy+mlO8Z3CWnb -pMEkzqUQ1CNzhkqfWh6+3N369IjLYRW1K47V12mGgQKBgCXyTridJ0HZRuspKOo0 -SGQONUEELIs9jOyqZqt3/0vhhkD9rpyEL+J1dr+pKTAFTw3G0bC8A2FlykCnD2Ph -rMUucItj6svLLPIN8GzLxI2c1h5lwbPpVDyVIkcZCqbJ9V0vLzP+JmIsDscQG3xw -SyfaSuozFOSzgIg/ZZNEGT9P +MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDB1c4MHWnuqDBZ +6VMYyk16W5qVKmoQnm9cbjXC5hkmUU7BitYjthT+udt5dtzcbPo0bJf9/YNsfG00 +EsT/8/rUufU6K3Uor6Dj4r8Q1e/rm19KNChe79iJ7VzYu9yh/mVujVkLF51OgcKD +Fe7eDAGxhhpp9yG9WbWeBG8Ueoqh4uIHekFE5+LizbjgDOrYwna8XXhThyJQqnAV ++SL4GwkVe38S902Mf78ZvnrWfUSuo0ZOigJr+7s2R4/nsvoCC8Ec6cMiJApqJ+9J +ED9/nLcCPSsdh4exD+cJdWOe7Jd1HyfjcQ5dGF6a8NS+o8JUzI2H6d961Q3hvzD4 +4v4SgbYZAgMBAAECggEAUQs9gvg7ZfNBgB5bxZY0TdAGMo8Q2ND9m8ZiyRIe+tPt +G2Qaw8SqQ5TfDIqjrrAL7yZmaGZ6cD4YBLlCUAgpXI9B1qf77N595TpVi8r/bOHC +NkrXhFZBEe5CL0Zg6gRtUYtc6xPdDEmZ0+g0PvgDLz/0RFD1dO+Qzbhp30SbOTLh +pZRMkz8KtjnwMKN8HJKsQctMVthnAfU5FW77+xpynovT9qs/zbZCcxGm/FMXc1VI +Dxmy3yaztGLYD1amON7BdL7rYnfFvEbg+mhrc5tNvFN2KeQCpjdOmeRyuIG8VWJr +u/P1O4ho1iWA5bhslhw1bbZh8JdR80uSL4q17x4WLwKBgQD6VApTzjW56KVu8RPs +qup+7hLI81X6IT9naXwUTmfuHPj6ak5xoyKmnTYgA9RWL6em7KkK6o+OVwO0Gxlr +tBGu2++QQjCNQjhzujgmlglk/oDh5HSys60g+BKkExpyk27rZHuvcduBmLuBvn3g +Rr/0PzJPH5LzpfxyzH0pFbiHtwKBgQDGOheKeWUUaDOxMi5rrY2+NGHJtzrLkbHn +9ss7Xb7OCOzZsw+AUnxIxTd9Ysloj9bhG7pRIn8xgofJ7z6m+mTVwF0+GwlhmrZd +U9U1BOxkzR8q744tO5bGrF5wtGyMydILwJjz1tw9OiEwy58C1Ad5WOZt7Lu9/Rhn +qQrdHyqQrwKBgHF9SHFWO+VdJCN4CKBznHyPUtTn/UK5cBViLW7HXTcGy5o8N/Qt +EbiX7cH1+n5YfJmhEcJxNURDDtrIrm215Y5xB9tPJtPkAdP1yR81Rm0TNTs0Z/Pc +odEgptLcFlF7pf3yQGD6LZpDtD7OLiNP8Ba70AMvPWBZEGq7asMFpfNhAoGAMQ6R +YuC2Jj2/hTvRBy71ZDwcc0pYT6bn62tFUpTZsq28yAerb2t6fJvqJqq7A5iNajpt +esTZy4vtRQljbPmM2OV5bfRM9w3N0fz8R9nHEw88hmiwu/sCTnq8CJJuRs1voR7x ++26SJMjtC+Fooc+NZfedV1j+AX/QeV75ZE3hP9sCgYEAsHtQuviAZ6LKKp3N6wrZ +NnCvzF4sZhGBp32v07bVba0AN/omG39ab5SRp2G5+rtO7uyisOfonmeoOTQauYOb +NcnsjJ++ZQ1PKaSV8cxMRdbbAup6XwBps+CXLAGLGhF4LGd0sKVa0aBpmFfmk7Qs +A4LC20RdtOiu1s5krdmXQvg= -----END PRIVATE KEY----- diff --git a/selenium/test/multi-oauth/rabbitmq.tls.conf b/selenium/test/multi-oauth/rabbitmq.tls.conf index 61107323c637..4dd4a1c886a2 100644 --- a/selenium/test/multi-oauth/rabbitmq.tls.conf +++ b/selenium/test/multi-oauth/rabbitmq.tls.conf @@ -2,13 +2,13 @@ auth_backends.1 = rabbit_auth_backend_oauth2 listeners.ssl.1 = 5671 -ssl_options.cacertfile = ${RABBITMQ_TEST_DIR}/certs/ca_certificate.pem -ssl_options.certfile = ${RABBITMQ_TEST_DIR}/certs/server_rabbitmq_certificate.pem -ssl_options.keyfile = ${RABBITMQ_TEST_DIR}/certs/server_rabbitmq_key.pem +ssl_options.cacertfile = ${RABBITMQ_CERTS}/ca_rabbitmq_certificate.pem +ssl_options.certfile = ${RABBITMQ_CERTS}/server_rabbitmq_certificate.pem +ssl_options.keyfile = ${RABBITMQ_CERTS}/server_rabbitmq_key.pem ssl_options.verify = verify_peer ssl_options.fail_if_no_peer_cert = true management.ssl.port = 15671 -management.ssl.cacertfile = ${RABBITMQ_TEST_DIR}/certs/ca_certificate.pem -management.ssl.certfile = ${RABBITMQ_TEST_DIR}/certs/server_rabbitmq_certificate.pem -management.ssl.keyfile = ${RABBITMQ_TEST_DIR}/certs/server_rabbitmq_key.pem +management.ssl.cacertfile = ${RABBITMQ_CERTS}/ca_rabbitmq_certificate.pem +management.ssl.certfile = ${RABBITMQ_CERTS}/server_rabbitmq_certificate.pem +management.ssl.keyfile = ${RABBITMQ_CERTS}/server_rabbitmq_key.pem diff --git a/selenium/test/oauth/certs/ca_certificate.pem b/selenium/test/oauth/certs/ca_certificate.pem deleted file mode 100644 index cd37bea304f5..000000000000 --- a/selenium/test/oauth/certs/ca_certificate.pem +++ /dev/null @@ -1,21 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDezCCAmOgAwIBAgIJAOA06nrAwraBMA0GCSqGSIb3DQEBCwUAMEwxOzA5BgNV -BAMMMlRMU0dlblNlbGZTaWduZWR0Um9vdENBIDIwMjMtMTEtMTZUMTI6MjQ6NDcu -Mjg5MDkzMQ0wCwYDVQQHDAQkJCQkMB4XDTIzMTExNjExMjQ0N1oXDTMzMTExMzEx -MjQ0N1owTDE7MDkGA1UEAwwyVExTR2VuU2VsZlNpZ25lZHRSb290Q0EgMjAyMy0x -MS0xNlQxMjoyNDo0Ny4yODkwOTMxDTALBgNVBAcMBCQkJCQwggEiMA0GCSqGSIb3 -DQEBAQUAA4IBDwAwggEKAoIBAQDWJrvvUvpkiAhvIiciuTbFHRMC7VdOXdIM3y3I -Vt56Voj3dkCVitFcvTc+pkuqoQUaWRTc5M+875CaQSRIDfVyFTIGTyVXv6cZRcoz -0gcmYvopIJ4Wi5/xG9Qp8uJMtr+UBJ57ez6Urau/L3zETAVZA+y1bTylAlh4tjMH -I24bvyy4yNQbPtG4y5F9x484fn3H4x7lf6O/Xulcvy8vL1kyc/EgrF4fpjogwj58 -eQ5HLwbAlMRRxXxXX2U5tXlrv475WItp/1mhZ+j2yCMKB4tJ8tXbtpgou0JDtlN0 -8Jwm3+d5a6PxqynmgRAXStZ4Fda93Pa3FJfw1u63JrmOprG9AgMBAAGjYDBeMA8G -A1UdEwEB/wQFMAMBAf8wCwYDVR0PBAQDAgEGMB0GA1UdDgQWBBS2Icxjr1ucGCIx -ikeSG9igJf558jAfBgNVHSMEGDAWgBS2Icxjr1ucGCIxikeSG9igJf558jANBgkq -hkiG9w0BAQsFAAOCAQEAR0iG00uE2GnoWtaXEHYJTdvBBcStBB8qnRk19Qu/b8qd -HAhRGb31IiuYzNJxLxhOtXWQMKvsKPAKpPXP3c5XVAf2O156GoXEPkKQktF738Pp -rRlrQPqU9Qpm84rMC54EB7coxEs7HMx4do/kNaVPdqq++JIEAcWOEVKfudN+8TMR -XyUJT54jBacsTpAZNfY6boJmuQ+G6tkpQvlHOU6388IFuLPkYRO7h7CHVbDsMEXD -Ptg3PCK97nCVgs4xfQGR7nT2pawfEUQVMon/XShtXY0RIKpynwrgICHDdvMXRXlG -a4haA7sz8Wyroy6Ub5+X3s4YRumSQrhiwRzqU+f75A== ------END CERTIFICATE----- diff --git a/selenium/test/oauth/certs/server_rabbitmq_certificate.pem b/selenium/test/oauth/certs/server_rabbitmq_certificate.pem deleted file mode 100644 index ef57ff61a411..000000000000 --- a/selenium/test/oauth/certs/server_rabbitmq_certificate.pem +++ /dev/null @@ -1,23 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDxDCCAqygAwIBAgIBDTANBgkqhkiG9w0BAQsFADBMMTswOQYDVQQDDDJUTFNH -ZW5TZWxmU2lnbmVkdFJvb3RDQSAyMDIzLTExLTE2VDEyOjI0OjQ3LjI4OTA5MzEN -MAsGA1UEBwwEJCQkJDAeFw0yNDAyMDkwODE3MDFaFw0zNDAyMDYwODE3MDFaMCQx -ETAPBgNVBAMMCHJhYmJpdG1xMQ8wDQYDVQQKDAZzZXJ2ZXIwggEiMA0GCSqGSIb3 -DQEBAQUAA4IBDwAwggEKAoIBAQCjxmYRJeYfOnQ91ZSIZsjznnPiy0yukFnapF7Y -iIXxFCygEnw/hwqSG7ddkvDjNlc6P+K4rEEBmER87mEl0YqvAZ9/C6K4OANJFuD7 -kQYH3Uyt+aXJfeyByAjr8HM/jSHDZm5DpysVlSBMkJGg4sV9h38i0aT27+J0a4xm -Yb9pH+bbWKn4QflvOQi7IcyZ+PcB54/vCDZRtlypkT/6EuqTXqRHH9wGlYaos+Jo -XMQDWykYtN2160E1gUwW1OhdRlDHj21Tej9fYObRjb326au4e3ivTPqKYLYsSz0Y -dcRoM6SjvwGiAC131n2XeHyKTQrMeKOb+TTVHzJZG7iUM5iBAgMBAAGjgdgwgdUw -CQYDVR0TBAIwADALBgNVHQ8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsG -AQUFBwMCMCkGA1UdEQQiMCCCCHJhYmJpdG1xgglsb2NhbGhvc3SCCWxvY2FsaG9z -dDAdBgNVHQ4EFgQUs9vJtNmoNWybsVgMmeRqcPGXRckwHwYDVR0jBBgwFoAUtiHM -Y69bnBgiMYpHkhvYoCX+efIwMQYDVR0fBCowKDAmoCSgIoYgaHR0cDovL2NybC1z -ZXJ2ZXI6ODAwMC9iYXNpYy5jcmwwDQYJKoZIhvcNAQELBQADggEBAHxsmfxpoGZg -AlLu+Y62TQxqp2i+PqLJHuGBdB/93NV3S3P3tlDaqHwYt0mveS7ej+JXhw9wvSZz -jmejWePL08FXD9KPggRP4/SsG6Adf/5+vcofYR23I7D4y9hsrDqZezCurWZ4LY4X -dYmIQcI6IwgcjffWhsyt3CEbU+yVg6jrjVWv5sVPi3xZUu/dwpTdrdNzeUIFM8vf -H3BS8EcLwtaNR4snLJlFIhuDfDv7Ewi1FsmM4zkSe/aHboUNDduI2poRW/EPtbdM -zD1pVXNh1Q9hkqFCD7l4Vua+JVsA7PWD7yr73pm2ak6GfgjA7Enj0a6KbAfAXLMr -otRknmbKCUU= ------END CERTIFICATE----- diff --git a/selenium/test/oauth/certs/server_rabbitmq_key.pem b/selenium/test/oauth/certs/server_rabbitmq_key.pem deleted file mode 100644 index f5df03f73df8..000000000000 --- a/selenium/test/oauth/certs/server_rabbitmq_key.pem +++ /dev/null @@ -1,28 +0,0 @@ ------BEGIN PRIVATE KEY----- -MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCjxmYRJeYfOnQ9 -1ZSIZsjznnPiy0yukFnapF7YiIXxFCygEnw/hwqSG7ddkvDjNlc6P+K4rEEBmER8 -7mEl0YqvAZ9/C6K4OANJFuD7kQYH3Uyt+aXJfeyByAjr8HM/jSHDZm5DpysVlSBM -kJGg4sV9h38i0aT27+J0a4xmYb9pH+bbWKn4QflvOQi7IcyZ+PcB54/vCDZRtlyp -kT/6EuqTXqRHH9wGlYaos+JoXMQDWykYtN2160E1gUwW1OhdRlDHj21Tej9fYObR -jb326au4e3ivTPqKYLYsSz0YdcRoM6SjvwGiAC131n2XeHyKTQrMeKOb+TTVHzJZ -G7iUM5iBAgMBAAECggEAOdYOpW+k3NJfypZqZeEmhiIm+qig4+TGVphFhmJwKrrd -J4pfpm+iJAb1sm3588N0+nUlM+Jg8pc7WIM2e4yMVVFVaiBJzpS5VE5oFW8Zmh1k -vuuyyH1X0F08CVZY3NCSY9cAiZO3e1+2kFNdmlt7MuFu3HT8tNfyOPriEiXi2tSA -qmgUmMql305wYwjIp+mTP8X7YKKdIdCXwPC2E1Kj5SseEc9NYvHdmeJ3nZCVATbS -h8aP7HB5GpsDMHbnnFzOqPfxIPxYkJ4JqE0iGpw+SMYbIGLVkMEGodpWjBwZiaaI -EMeJJk3Qs/QvVLDxhSsFXsaLGLgYN0rItYX9dUyroQKBgQDOOLKJ9OPcm3sAWo9e -byRYegDPPM06Es5s0hF0Pr0u6X8F7fDnpS74XVMlWxZzvXWgZQNwC2nYaGfNpK5t -E2FxIC0S69W4m1L6sp2sTRLSJo5NiZc4kNVjGvnmgIrNqMhJK8pLOh5xx6/kAbpo -/lydhtXWP0omw5imFkh3bGQuZwKBgQDLTsCu01OCNuQs0Y9hgW/iHzRpX1aHvp8X -u8v/AtOS3z5a3WptrLah/HHM5B/4Hh9dW4uljuR0zTsk8dFD8lQ/mdxbXjPGEcN6 -QNe1Md2nV0xAZsW1Xp1iFDomS5xSn+qWDmR0EAXvs0hHMQnX1k7+dp2mK1whRwdM -z4mv0cZg1wKBgDnuzaFZ7aVs/GoGBt7FpFVCuPV/JDxbSihh/0tD0MvcBrY4uQOq -cP6O4SvOYglTwTa1CfkxC6Qi+H5Z9DJqTmaEXoVBQYIiCHarNQZRhKcK89EuhQ/8 -CCZWTrwFgnjyIIoFxkfJ5QGb0nrgTWjvhD8wwOP2VbN8IWcPPX5nMeGjAoGBAL7b -y59T3E2d4k8A3C2ZKcOJr9ZMHhuJJClPr45SxPRYh10eB0+2mC0xpFPIxQpUnPUz -f8GIh4fvMtrX+LBkyhp7ApbztH75Jh2ayeXcTk1OctLyqCBAFleAzaYtzS7z2XHN -SRh8AlaoY+4RZ0AsfDP+frkEc5T57Sx6mLNpp2Y5AoGAXG5BGedrCMa44Ugpux41 -saTIlaXUOObxdsGTLMOy1Ppb9LW5yk4kS8ObP3SksjUUZrRUO/BagLukgcaS038/ -AbNDU5lMCmMfwxPN2lulERhaIA1BeVgmOwJYY7nqXkL5Yibu0OXnvvbCkt0eLnp2 -ATZBECwIxNuB9pixRmDhXsM= ------END PRIVATE KEY----- diff --git a/selenium/test/oauth/env.docker.fakeportal b/selenium/test/oauth/env.docker.fakeportal index fc6d56f47b3a..685c0c17a056 100644 --- a/selenium/test/oauth/env.docker.fakeportal +++ b/selenium/test/oauth/env.docker.fakeportal @@ -1,3 +1,3 @@ export FAKEPORTAL_URL=http://fakeportal:3000 export RABBITMQ_HOST_FOR_FAKEPORTAL=${RABBITMQ_HOST} -export UAA_URL_FOR_FAKEPORTAL=http://uaa:8080 +export UAA_URL_FOR_FAKEPORTAL=https://uaa:8443 diff --git a/selenium/test/oauth/env.docker.fakeproxy b/selenium/test/oauth/env.docker.fakeproxy index 37d1e5eccd9f..9e9260d2f8d6 100644 --- a/selenium/test/oauth/env.docker.fakeproxy +++ b/selenium/test/oauth/env.docker.fakeproxy @@ -1,4 +1,4 @@ export FAKEPROXY_URL=http://fakeproxy:9090 -export UAA_URL_FOR_FAKEPROXY=http://uaa:8080 +export UAA_URL_FOR_FAKEPROXY=https://uaa:8443 export RABBITMQ_HOST_FOR_FAKEPROXY=${RABBITMQ_HOST} export PUBLIC_RABBITMQ_HOST=fakeproxy:9090 diff --git a/selenium/test/oauth/env.docker.keycloak b/selenium/test/oauth/env.docker.keycloak index 774a99ff3c9b..b293b57bc2b9 100644 --- a/selenium/test/oauth/env.docker.keycloak +++ b/selenium/test/oauth/env.docker.keycloak @@ -1,3 +1,3 @@ export KEYCLOAK_URL=https://keycloak:8443/realms/test export OAUTH_PROVIDER_URL=https://keycloak:8443/realms/test -export OAUTH_PROVIDER_CA_CERT=/config/oauth/keycloak/ca_certificate.pem +export OAUTH_PROVIDER_CA_CERT=/config/oauth/keycloak/ca_keycloak_certificate.pem diff --git a/selenium/test/oauth/env.docker.uaa b/selenium/test/oauth/env.docker.uaa index afc439185290..df2a89c61371 100644 --- a/selenium/test/oauth/env.docker.uaa +++ b/selenium/test/oauth/env.docker.uaa @@ -1 +1 @@ -export UAA_URL=http://uaa:8080 +export UAA_URL=https://uaa:8443 diff --git a/selenium/test/oauth/env.local.fakeportal b/selenium/test/oauth/env.local.fakeportal index 520c2ce34c42..488f3fd447d8 100644 --- a/selenium/test/oauth/env.local.fakeportal +++ b/selenium/test/oauth/env.local.fakeportal @@ -1,3 +1,3 @@ export FAKEPORTAL_URL=http://localhost:3000 export RABBITMQ_HOST_FOR_FAKEPORTAL=localhost:15672 -export UAA_URL_FOR_FAKEPORTAL=http://host.docker.internal:8080 +export UAA_URL_FOR_FAKEPORTAL=https://uaa:8443 diff --git a/selenium/test/oauth/env.local.keycloak b/selenium/test/oauth/env.local.keycloak index 1fa28ef79232..6451a3d44624 100644 --- a/selenium/test/oauth/env.local.keycloak +++ b/selenium/test/oauth/env.local.keycloak @@ -1,3 +1,7 @@ export KEYCLOAK_URL=https://localhost:8443/realms/test export OAUTH_PROVIDER_URL=https://localhost:8443/realms/test +<<<<<<< HEAD export OAUTH_PROVIDER_CA_CERT=deps/rabbitmq_management/selenium/test/oauth/keycloak/ca_certificate.pem +======= +export OAUTH_PROVIDER_CA_CERT=selenium/test/oauth/keycloak/ca_keycloak_certificate.pem +>>>>>>> 6bf27a212f (Use tls in oauth providers and rabbitmq) diff --git a/selenium/test/oauth/env.local.uaa b/selenium/test/oauth/env.local.uaa index 40d8bf716099..9caac0c8f537 100644 --- a/selenium/test/oauth/env.local.uaa +++ b/selenium/test/oauth/env.local.uaa @@ -1 +1 @@ -export UAA_URL=http://localhost:8080 +export UAA_URL=https://localhost:8443 diff --git a/selenium/test/oauth/keycloak/ca_certificate.pem b/selenium/test/oauth/keycloak/ca_certificate.pem deleted file mode 100644 index cd37bea304f5..000000000000 --- a/selenium/test/oauth/keycloak/ca_certificate.pem +++ /dev/null @@ -1,21 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDezCCAmOgAwIBAgIJAOA06nrAwraBMA0GCSqGSIb3DQEBCwUAMEwxOzA5BgNV -BAMMMlRMU0dlblNlbGZTaWduZWR0Um9vdENBIDIwMjMtMTEtMTZUMTI6MjQ6NDcu -Mjg5MDkzMQ0wCwYDVQQHDAQkJCQkMB4XDTIzMTExNjExMjQ0N1oXDTMzMTExMzEx -MjQ0N1owTDE7MDkGA1UEAwwyVExTR2VuU2VsZlNpZ25lZHRSb290Q0EgMjAyMy0x -MS0xNlQxMjoyNDo0Ny4yODkwOTMxDTALBgNVBAcMBCQkJCQwggEiMA0GCSqGSIb3 -DQEBAQUAA4IBDwAwggEKAoIBAQDWJrvvUvpkiAhvIiciuTbFHRMC7VdOXdIM3y3I -Vt56Voj3dkCVitFcvTc+pkuqoQUaWRTc5M+875CaQSRIDfVyFTIGTyVXv6cZRcoz -0gcmYvopIJ4Wi5/xG9Qp8uJMtr+UBJ57ez6Urau/L3zETAVZA+y1bTylAlh4tjMH -I24bvyy4yNQbPtG4y5F9x484fn3H4x7lf6O/Xulcvy8vL1kyc/EgrF4fpjogwj58 -eQ5HLwbAlMRRxXxXX2U5tXlrv475WItp/1mhZ+j2yCMKB4tJ8tXbtpgou0JDtlN0 -8Jwm3+d5a6PxqynmgRAXStZ4Fda93Pa3FJfw1u63JrmOprG9AgMBAAGjYDBeMA8G -A1UdEwEB/wQFMAMBAf8wCwYDVR0PBAQDAgEGMB0GA1UdDgQWBBS2Icxjr1ucGCIx -ikeSG9igJf558jAfBgNVHSMEGDAWgBS2Icxjr1ucGCIxikeSG9igJf558jANBgkq -hkiG9w0BAQsFAAOCAQEAR0iG00uE2GnoWtaXEHYJTdvBBcStBB8qnRk19Qu/b8qd -HAhRGb31IiuYzNJxLxhOtXWQMKvsKPAKpPXP3c5XVAf2O156GoXEPkKQktF738Pp -rRlrQPqU9Qpm84rMC54EB7coxEs7HMx4do/kNaVPdqq++JIEAcWOEVKfudN+8TMR -XyUJT54jBacsTpAZNfY6boJmuQ+G6tkpQvlHOU6388IFuLPkYRO7h7CHVbDsMEXD -Ptg3PCK97nCVgs4xfQGR7nT2pawfEUQVMon/XShtXY0RIKpynwrgICHDdvMXRXlG -a4haA7sz8Wyroy6Ub5+X3s4YRumSQrhiwRzqU+f75A== ------END CERTIFICATE----- diff --git a/selenium/test/oauth/keycloak/openssl.cnf.in b/selenium/test/oauth/keycloak/openssl.cnf.in new file mode 100644 index 000000000000..5ac3282046c5 --- /dev/null +++ b/selenium/test/oauth/keycloak/openssl.cnf.in @@ -0,0 +1,3 @@ +[ client_alt_names ] +email.1 = rabbit_client@localhost +URI.1 = rabbit_client_id_uri diff --git a/selenium/test/oauth/keycloak/server_keycloak_certificate.pem b/selenium/test/oauth/keycloak/server_keycloak_certificate.pem deleted file mode 100644 index 242c153987b7..000000000000 --- a/selenium/test/oauth/keycloak/server_keycloak_certificate.pem +++ /dev/null @@ -1,23 +0,0 @@ ------BEGIN CERTIFICATE----- -MIID0zCCArugAwIBAgIBAzANBgkqhkiG9w0BAQsFADBMMTswOQYDVQQDDDJUTFNH -ZW5TZWxmU2lnbmVkdFJvb3RDQSAyMDIzLTExLTE2VDEyOjI0OjQ3LjI4OTA5MzEN -MAsGA1UEBwwEJCQkJDAeFw0yMzExMTYxMTI0NDhaFw0zMzExMTMxMTI0NDhaMCQx -ETAPBgNVBAMMCGtleWNsb2FrMQ8wDQYDVQQKDAZzZXJ2ZXIwggEiMA0GCSqGSIb3 -DQEBAQUAA4IBDwAwggEKAoIBAQDso0G4gflW5HDiBuwrjvyYy3rUx/24IxHQzZMT -7o1qoXA/h8C0kUX7aS6XFij8hCNHdNG0GL/QPifKxwiW8JIK2Xpy6jdxDzooHaDU -+Tyk8BDFYnQtXaMsqb5zXJ/P4u8bjBP4X2+/gnbNF/1yyOZxpRObrWxX+C2IJ+vy -ruh+TCEqokJ5jE+m6GPgiqx56bytXX0KLhuI7jXT60NKGqNVCV8qn5fO4z/fh6FY -tFxRc0QHy48YHBFo+I+R9nW4xq+0pbctnjTzlfRxHYEWvnsrptc4AOa6b49HSShf -qmkxgVn3G/U5Gmtzu2IjPWfGVwRjBo4hhoeG/fV9FMhqz6fjAgMBAAGjgecwgeQw -CQYDVR0TBAIwADALBgNVHQ8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsG -AQUFBwMCMDgGA1UdEQQxMC+CCGtleWNsb2Frghhtcm9zYWxlczBMVkRRLnZtd2Fy -ZS5jb22CCWxvY2FsaG9zdDAdBgNVHQ4EFgQUwxjubJIZkvDwv9aDtdNcDcfmSSQw -HwYDVR0jBBgwFoAUtiHMY69bnBgiMYpHkhvYoCX+efIwMQYDVR0fBCowKDAmoCSg -IoYgaHR0cDovL2NybC1zZXJ2ZXI6ODAwMC9iYXNpYy5jcmwwDQYJKoZIhvcNAQEL -BQADggEBAFmcToMQTRER97Mk5CK3qopzdFveJWHgyAHh35DQdCxtBadOXmC3n82p -dumNOKhSFNx6Hre38cQHBIuir2g4dvalfN7PwDttdi7TRPGS30bAbA4/VWtld9bt -66QDSh5Obsuq23dA9eEs34GfggXpTyBSyX4AWsHOmUpeoYSJEsUmxoMAgezu0p8r -kgOJQ0j63vG4S7jHMvtKHNG5LMTvIUk8FNW6SA/7AhJxmzEQiBFXMghenEqd682u -TpeRHe6+/Nyge1B1FYUgDVbaZ2/694tdT3V3tFvKhqbTZrKMdFJRpiMUjgfs1GzI -+NhzvUTa6MbV1ZgeXv3YmU+diCgiTmk= ------END CERTIFICATE----- diff --git a/selenium/test/oauth/keycloak/server_keycloak_key.pem b/selenium/test/oauth/keycloak/server_keycloak_key.pem deleted file mode 100644 index fb461404eea9..000000000000 --- a/selenium/test/oauth/keycloak/server_keycloak_key.pem +++ /dev/null @@ -1,28 +0,0 @@ ------BEGIN PRIVATE KEY----- -MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDso0G4gflW5HDi -BuwrjvyYy3rUx/24IxHQzZMT7o1qoXA/h8C0kUX7aS6XFij8hCNHdNG0GL/QPifK -xwiW8JIK2Xpy6jdxDzooHaDU+Tyk8BDFYnQtXaMsqb5zXJ/P4u8bjBP4X2+/gnbN -F/1yyOZxpRObrWxX+C2IJ+vyruh+TCEqokJ5jE+m6GPgiqx56bytXX0KLhuI7jXT -60NKGqNVCV8qn5fO4z/fh6FYtFxRc0QHy48YHBFo+I+R9nW4xq+0pbctnjTzlfRx -HYEWvnsrptc4AOa6b49HSShfqmkxgVn3G/U5Gmtzu2IjPWfGVwRjBo4hhoeG/fV9 -FMhqz6fjAgMBAAECggEBAM4lGqelcpUjxMLizPLVSW/CM2sSHhE/W9HOhIYklsWB -hcuSc2nZ9GEkLBYqk+IHKsShG94MgWzj+L5JzU3QnSkec/GP4GR5o2w3A1kFFrOI -/tM1BYhPvkq2RNcypXXwd+RDj1Ibsbnf6aaZc41/PmFaMU65MV0hMmkefgmYHamG -86kdCX1vZ2NwJWL1ALAf2rRb30QWl+W+/qDnDZ1qdxVbok8106HXBB3uXhLyaBIR -t9lGUqOoh3bdNsvPmma6T5y1cEXwcsVtfxB+myxils0XD0HsGa5FBGARh7/6jPeV -zs9nvcwVvruNGb4k4T6yEz0JutaFSgmWjAMu2pe5i4ECgYEA+k8mvt9JVmqqKLHv -Vr8BcLT2JK0/rrblth4fDiyZzKixaGnlZuXWOhiQF9+0lAk0zZjLXDZr6dWE/gMK -ZyRj1xrmB37f6/Z6F9M4r/n3RjzINkD6D5sA+Gg5nR6+nh7gNq3J6F33ZUaODeBh -EyTMXh7RT+Ug1G9BFg81tl0sNfECgYEA8gSI5otRI6i4zUZFg0ziwoIWJpdEyWwb -q7UgYzn8N8LprVibwkhnjfXysbulo/7gvRZ+uCw702xUfv1uyEKc5PHmOer4ElRU -iYdJeZblbrlk6eyOFEqucovPte82YnqFIQn6KJqNLKlG2KHIsYX1igVyGbMB2Pp/ -4iE32HefFxMCgYAEtJg13lyyky6/tRiauNx+EejOp7MaxbVrxwUubwg1ILa1D8iQ -NqHgVbXfvQTYA5RKiSTJhvxgWPM3EzeO2NBHqunIGkp7VRbWe9IE/N35JAtfebk5 -seBCyzLKEVnj/xCX9oxlId8UuE7TU/R/N6Hf4xRsPBJx6+V9VKvd0cKTAQKBgCZU -6Yn6TuOi+YIpuyDMsK22BOQf2Vk9sjRD/9k3eecrC+/UtPbUmPI3HjVgTx/mYpoQ -UgnBl8goxElIwp8dTdRFK/3IZXohuTH/J3gGmlgrLPyP5wD3wyGJW2CpfqeiWCuf -dOuxbuK//OSa2zqiyP0PV78SRxyisFaUhE/Ywm3ZAoGAYwa5t5kdPjVqtxRAsDuX -itQM5qEqLZIYlN7ehKPn8okTCc761ddaI/+fluH5S4YCo21itq38UssAjp6vbwpy -lHhvP03bpo63iz4RYwKDNEh2HD3z/a9eteColtXU8lPpfky360AwGQ1Bx7RaGGas -ttPmhm+mk3G6fRHYvk6rtJY= ------END PRIVATE KEY----- diff --git a/selenium/test/oauth/rabbitmq.tls.conf b/selenium/test/oauth/rabbitmq.tls.conf index 61107323c637..4dd4a1c886a2 100644 --- a/selenium/test/oauth/rabbitmq.tls.conf +++ b/selenium/test/oauth/rabbitmq.tls.conf @@ -2,13 +2,13 @@ auth_backends.1 = rabbit_auth_backend_oauth2 listeners.ssl.1 = 5671 -ssl_options.cacertfile = ${RABBITMQ_TEST_DIR}/certs/ca_certificate.pem -ssl_options.certfile = ${RABBITMQ_TEST_DIR}/certs/server_rabbitmq_certificate.pem -ssl_options.keyfile = ${RABBITMQ_TEST_DIR}/certs/server_rabbitmq_key.pem +ssl_options.cacertfile = ${RABBITMQ_CERTS}/ca_rabbitmq_certificate.pem +ssl_options.certfile = ${RABBITMQ_CERTS}/server_rabbitmq_certificate.pem +ssl_options.keyfile = ${RABBITMQ_CERTS}/server_rabbitmq_key.pem ssl_options.verify = verify_peer ssl_options.fail_if_no_peer_cert = true management.ssl.port = 15671 -management.ssl.cacertfile = ${RABBITMQ_TEST_DIR}/certs/ca_certificate.pem -management.ssl.certfile = ${RABBITMQ_TEST_DIR}/certs/server_rabbitmq_certificate.pem -management.ssl.keyfile = ${RABBITMQ_TEST_DIR}/certs/server_rabbitmq_key.pem +management.ssl.cacertfile = ${RABBITMQ_CERTS}/ca_rabbitmq_certificate.pem +management.ssl.certfile = ${RABBITMQ_CERTS}/server_rabbitmq_certificate.pem +management.ssl.keyfile = ${RABBITMQ_CERTS}/server_rabbitmq_key.pem diff --git a/selenium/test/oauth/uaa/server.xml b/selenium/test/oauth/uaa/server.xml new file mode 100644 index 000000000000..f86407ddf87a --- /dev/null +++ b/selenium/test/oauth/uaa/server.xml @@ -0,0 +1,43 @@ + + + + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/selenium/test/oauth/uaa/uaa.yml b/selenium/test/oauth/uaa/uaa.yml index 546a78402f2a..45863216883f 100644 --- a/selenium/test/oauth/uaa/uaa.yml +++ b/selenium/test/oauth/uaa/uaa.yml @@ -1,3 +1,6 @@ +require_https: true +https_port: 8443 + logging: config: /uaa/log4j2.properties