Redo the whole cert signing process

qgis · Jun 5, 2019 · 608f050 · 608f050
1 parent c763366
commit 608f050
Show file tree

Hide file tree

Showing 4 changed files with 19 additions and 56 deletions.
diff --git a/.ci/travis/linux/docker-compose.travis.yml b/.ci/travis/linux/docker-compose.travis.yml
@@ -9,7 +9,7 @@ services:
 # The following files are added in Dockerfile-postgis
       - SSL_CERT_FILE=/etc/ssl/certs/postgres_cert.crt
       - SSL_KEY_FILE=/etc/ssl/private/postgres_key.key
-      - SSL_CA_FILE=/etc/ssl/certs/chains_subissuer-issuer-root_issuer2-root2.pem
+      - SSL_CA_FILE=/etc/ssl/certs/issuer_ca_cert.pem
 
   mssql:
     image: microsoft/mssql-server-linux:2017-latest

diff --git a/tests/src/python/test_authmanager_password_postgres.py b/tests/src/python/test_authmanager_password_postgres.py
@@ -98,7 +98,7 @@ def setUpClass(cls):
         authm = QgsApplication.authManager()
         assert (authm.setMasterPassword('masterpassword', True))
         cls.certsdata_path = os.path.join(unitTestDataPath('auth_system'), 'certs_keys')
-        cls.sslrootcert_path = os.path.join(cls.certsdata_path, 'chains_subissuer-issuer-root_issuer2-root2.pem')
+        cls.sslrootcert_path = os.path.join(cls.certsdata_path, 'issuer_ca_cert.pem')
 
         def printMessage(tag, msg, level):
             with open('/tmp/fmt.log', 'a') as f:

diff --git a/tests/testdata/Dockerfile-postgis b/tests/testdata/Dockerfile-postgis
@@ -2,7 +2,7 @@ FROM kartoza/postgis:11.0-2.5
 
 ADD auth_system/certs_keys/postgres.crt /etc/ssl/certs/postgres_cert.crt
 ADD auth_system/certs_keys/postgres.key /etc/ssl/private/postgres_key.key
-ADD auth_system/certs_keys/chains_subissuer-issuer-root_issuer2-root2.pem /etc/ssl/certs/chains_subissuer-issuer-root_issuer2-root2.pem
+ADD auth_system/certs_keys/issuer_ca_cert.pem /etc/ssl/certs/issuer_ca_cert.pem
 
 RUN chmod 400 /etc/ssl/private/postgres_key.key
 

diff --git a/tests/testdata/auth_system/certs_keys/postgres.crt b/tests/testdata/auth_system/certs_keys/postgres.crt
@@ -1,55 +1,18 @@
-Certificate:
-    Data:
-        Version: 1 (0x0)
-        Serial Number:
-            1c:fb:88:4d:65:d3:48:94:62:22:59:37:a8:83:da:87:4e:97:25:9d
-        Signature Algorithm: NULL
-        Issuer: CN = postgres
-        Validity
-            Not Before: Jun  5 15:08:18 2019 GMT
-            Not After : Oct  6 15:08:18 3018 GMT
-        Subject: CN = postgres
-        Subject Public Key Info:
-            Public Key Algorithm: rsaEncryption
-                RSA Public-Key: (2048 bit)
-                Modulus:
-                    00:9c:1b:1c:11:26:fe:5e:be:73:56:70:be:96:14:
-                    01:4c:df:be:2e:45:85:1d:13:6a:a8:9d:a3:93:d2:
-                    bb:5d:ab:e8:3a:12:8b:13:dd:b9:5e:f4:06:c4:82:
-                    44:3e:06:18:96:9d:2c:c4:3b:e6:7d:e1:ea:b0:7f:
-                    3a:12:92:f2:be:1b:06:09:86:77:fd:4a:05:29:e4:
-                    47:a2:db:d6:7b:8b:07:40:3c:99:4a:de:8f:fc:ec:
-                    15:80:69:7f:7f:2d:b8:7d:6a:0a:b4:bf:79:32:c0:
-                    cc:50:6c:0e:e9:77:ed:5d:37:0d:60:ef:5f:4a:52:
-                    cb:50:e6:b4:8a:8b:ee:6e:33:c9:26:ea:51:1e:30:
-                    63:a2:e7:a5:44:53:86:01:3f:94:91:c3:75:8f:c5:
-                    4b:c5:55:59:52:5a:e7:c1:38:71:b4:87:2a:9c:c8:
-                    86:1d:36:c6:5e:af:ff:4d:b8:dc:6a:6a:e7:52:12:
-                    d3:3b:7d:e3:27:75:0a:94:cc:46:db:d7:98:a6:a2:
-                    af:f6:9d:27:bf:fc:49:1d:7a:4e:a4:75:be:38:4a:
-                    d8:90:8d:d3:98:02:f0:bb:42:44:9c:4c:0f:fb:48:
-                    e4:10:ff:87:d7:df:f5:38:fa:8c:cc:09:0e:d4:9e:
-                    bc:e1:6f:f0:4f:37:d5:76:42:28:90:cd:e8:46:a7:
-                    64:a3
-                Exponent: 65537 (0x10001)
-    Signature Algorithm: NULL
 -----BEGIN CERTIFICATE-----
-MIIDOjCCAiKgAwIBAgIUHPuITWXTSJRiIlk3qIPah06XJZ0wDQYJKoZIhvcNAQEL
-BQAwEzERMA8GA1UEAwwIcG9zdGdyZXMwIBcNMTkwNjA1MTUwODE4WhgPMzAxODEw
-MDYxNTA4MThaMBMxETAPBgNVBAMMCHBvc3RncmVzMIIBIjANBgkqhkiG9w0BAQEF
-AAOCAQ8AMIIBCgKCAQEAnBscESb+Xr5zVnC+lhQBTN++LkWFHRNqqJ2jk9K7Xavo
-OhKLE925XvQGxIJEPgYYlp0sxDvmfeHqsH86EpLyvhsGCYZ3/UoFKeRHotvWe4sH
-QDyZSt6P/OwVgGl/fy24fWoKtL95MsDMUGwO6XftXTcNYO9fSlLLUOa0iovubjPJ
-JupRHjBjouelRFOGAT+UkcN1j8VLxVVZUlrnwThxtIcqnMiGHTbGXq//Tbjcamrn
-UhLTO33jJ3UKlMxG29eYpqKv9p0nv/xJHXpOpHW+OErYkI3TmALwu0JEnEwP+0jk
-EP+H19/1OPqMzAkO1J684W/wTzfVdkIokM3oRqdkowIDAQABo4GDMIGAMA8GA1Ud
-EwEB/wQFMAMBAf8wHQYDVR0OBBYEFKbEnZAYpnEtYqZ8eaK70hIzX2/NME4GA1Ud
-IwRHMEWAFKbEnZAYpnEtYqZ8eaK70hIzX2/NoRekFTATMREwDwYDVQQDDAhwb3N0
-Z3Jlc4IUHPuITWXTSJRiIlk3qIPah06XJZ0wDQYJKoZIhvcNAQELBQADggEBAJJD
-C7z9QC6yQL6/MT/8iAh2RKPrJR15LqJl5TmttF3K5kGgCadfLL7fYH3CeCRHPKJm
-wZ9DwuDqUIMGlGb/QJjTbs2ilNGPkBCNkuqDB2GbrcZ5Nq27c5Sc9yPj+UF49LRl
-qpnz15QPyOofZ+wXdKM9iJ3PDO5kb+fbRZrs0NGS42OIl/C+VmMuXtsn43syJ243
-IXOWLT10vTCzK1RbzZGqinuS1NhzKnJhLeR7+okqy/z8ddMCdghSe7Ga6jEyvRW0
-jSwM8+B6ocF+1hk2gVbzBs3uOViGz7i1uDbQ0lowKW8Fx8oFMFkUBdb+IyM8EsQK
-ihHZilCvMbRGAQ43dl4=
+MIIC3zCCAkigAwIBAgIUIw1V6Ryvz+3F/eYzlydwzjmTsNYwDQYJKoZIhvcNAQEL
+BQAwgacxCzAJBgNVBAYTAlVTMQ8wDQYDVQQIEwZBbGFza2ExEjAQBgNVBAcTCUFu
+Y2hvcmFnZTEVMBMGA1UEChMMUUdJUyBUZXN0IENBMR4wHAYDVQQLExVDZXJ0aWZp
+Y2F0ZSBBdXRob3JpdHkxGjAYBgNVBAMTEVFHSVMgVGVzdCBSb290IENBMSAwHgYJ
+KoZIhvcNAQkBFhF0ZXN0Y2VydEBxZ2lzLm9yZzAeFw0xOTA2MDUyMDQyNTRaFw0y
+MDA2MDQyMDQyNTRaMBMxETAPBgNVBAMMCHBvc3RncmVzMIIBIjANBgkqhkiG9w0B
+AQEFAAOCAQ8AMIIBCgKCAQEAnBscESb+Xr5zVnC+lhQBTN++LkWFHRNqqJ2jk9K7
+XavoOhKLE925XvQGxIJEPgYYlp0sxDvmfeHqsH86EpLyvhsGCYZ3/UoFKeRHotvW
+e4sHQDyZSt6P/OwVgGl/fy24fWoKtL95MsDMUGwO6XftXTcNYO9fSlLLUOa0iovu
+bjPJJupRHjBjouelRFOGAT+UkcN1j8VLxVVZUlrnwThxtIcqnMiGHTbGXq//Tbjc
+amrnUhLTO33jJ3UKlMxG29eYpqKv9p0nv/xJHXpOpHW+OErYkI3TmALwu0JEnEwP
++0jkEP+H19/1OPqMzAkO1J684W/wTzfVdkIokM3oRqdkowIDAQABoxcwFTATBgNV
+HREEDDAKgghwb3N0Z3JlczANBgkqhkiG9w0BAQsFAAOBgQB2fNbyVLGk9WHcKVb7
+8buV81ILFo18KdoQFD4kzrr896YjvaD90o5OiYeF0EAHZdyKIA0Bzdl/8dXKG6/7
+udGW81XxNU/1sI5H20sm1gDvj9BQ6UxT/oOalbJKolEhgtU2KA1Hdh2hxrrQ9Zqu
+hB/ykiE7sCbaeeQl1iEZxgnyDA==
 -----END CERTIFICATE-----