This is an automated email from the ASF dual-hosted git repository.
robbie pushed a commit to branch 0.x
in repository https://gitbox.apache.org/repos/asf/qpid-jms.git
commit cfeddfe8830166dcb8c43f781bb1f389fe5df7f5
Author: Robbie Gemmell <rob...@apache.org>
AuthorDate: Fri Jul 23 18:04:08 2021 +0100
NO-JIRA: consolidate on use of pkcs12 stores for test server
removes already-unused jceks and now-unused jks stores (converted one to
pkcs12), and simplify creation steps accordingly
(cherry picked from commit c24b9bd2b91be2a4be21512e4b48c56394080f22)
---
.../qpid/jms/integration/ProxyIntegrationTest.java | 8 +--
.../qpid/jms/integration/SaslIntegrationTest.java | 12 ++---
.../qpid/jms/integration/SslIntegrationTest.java | 55 +++++++--------------
.../qpid/jms/integration/WsIntegrationTest.java | 4 +-
...hAmqpOpenProvidedServerListIntegrationTest.java | 24 ++++-----
.../qpid/jms/transports/TransportSupportTest.java | 4 --
.../transports/netty/NettySslTransportTest.java | 7 ++-
qpid-jms-client/src/test/resources/README.txt | 17 ++-----
.../src/test/resources/broker-jceks.keystore | Bin 3762 -> 0 bytes
.../src/test/resources/broker-jceks.truststore | Bin 843 -> 0 bytes
.../src/test/resources/broker-jks.keystore | Bin 3782 -> 0 bytes
.../src/test/resources/broker-jks.truststore | Bin 843 -> 0 bytes
.../resources/broker-wrong-host-pkcs12.keystore | Bin 0 -> 4349 bytes
13 files changed, 51 insertions(+), 80 deletions(-)
diff --git
a/qpid-jms-client/src/test/java/org/apache/qpid/jms/integration/ProxyIntegrationTest.java
b/qpid-jms-client/src/test/java/org/apache/qpid/jms/integration/ProxyIntegrationTest.java
index 96fd7b7..b2efc8a 100644
---
a/qpid-jms-client/src/test/java/org/apache/qpid/jms/integration/ProxyIntegrationTest.java
+++
b/qpid-jms-client/src/test/java/org/apache/qpid/jms/integration/ProxyIntegrationTest.java
@@ -69,7 +69,7 @@ import io.netty.handler.proxy.Socks5ProxyHandler;
@RunWith(QpidJMSTestRunner.class)
public class ProxyIntegrationTest extends QpidJmsTestCase {
private static final Logger LOG =
LoggerFactory.getLogger(ProxyIntegrationTest.class);
- private static final String BROKER_JKS_KEYSTORE =
"src/test/resources/broker-jks.keystore";
+ private static final String BROKER_PKCS12_KEYSTORE =
"src/test/resources/broker-pkcs12.keystore";
private static final String CLIENT_JKS_TRUSTSTORE =
"src/test/resources/client-jks.truststore";
private static final String PASSWORD = "password";
@@ -98,7 +98,7 @@ public class ProxyIntegrationTest extends QpidJmsTestCase {
@Test(timeout = 20000)
public void testCreateSecureConnectionViaSocksProxy() throws Exception {
TransportOptions sslOptions = new TransportOptions();
- sslOptions.setKeyStoreLocation(BROKER_JKS_KEYSTORE);
+ sslOptions.setKeyStoreLocation(BROKER_PKCS12_KEYSTORE);
sslOptions.setKeyStorePassword(PASSWORD);
sslOptions.setVerifyHost(false);
@@ -232,7 +232,7 @@ public class ProxyIntegrationTest extends QpidJmsTestCase {
private void doTestCreateWebSocketConnectionViaHttpProxyAndStart(boolean
secure) throws Exception {
TransportOptions options = new TransportOptions();
- options.setKeyStoreLocation(BROKER_JKS_KEYSTORE);
+ options.setKeyStoreLocation(BROKER_PKCS12_KEYSTORE);
options.setKeyStorePassword(PASSWORD);
options.setVerifyHost(false);
@@ -290,7 +290,7 @@ public class ProxyIntegrationTest extends QpidJmsTestCase {
private void doTestCreateWebSocketConnectionViaSocksProxyAndStart(boolean
secure) throws Exception {
TransportOptions serverOptions = new TransportOptions();
- serverOptions.setKeyStoreLocation(BROKER_JKS_KEYSTORE);
+ serverOptions.setKeyStoreLocation(BROKER_PKCS12_KEYSTORE);
serverOptions.setKeyStorePassword(PASSWORD);
serverOptions.setVerifyHost(false);
diff --git
a/qpid-jms-client/src/test/java/org/apache/qpid/jms/integration/SaslIntegrationTest.java
b/qpid-jms-client/src/test/java/org/apache/qpid/jms/integration/SaslIntegrationTest.java
index 8c8f8de..91ffda1 100644
---
a/qpid-jms-client/src/test/java/org/apache/qpid/jms/integration/SaslIntegrationTest.java
+++
b/qpid-jms-client/src/test/java/org/apache/qpid/jms/integration/SaslIntegrationTest.java
@@ -70,8 +70,8 @@ public class SaslIntegrationTest extends QpidJmsTestCase {
private static final UnsignedByte SASL_SYS_PERM =
UnsignedByte.valueOf((byte) 3);
private static final UnsignedByte SASL_SYS_TEMP =
UnsignedByte.valueOf((byte) 4);
- private static final String BROKER_JKS_KEYSTORE =
"src/test/resources/broker-jks.keystore";
- private static final String BROKER_JKS_TRUSTSTORE =
"src/test/resources/broker-jks.truststore";
+ private static final String BROKER_PKCS12_KEYSTORE =
"src/test/resources/broker-pkcs12.keystore";
+ private static final String BROKER_PKCS12_TRUSTSTORE =
"src/test/resources/broker-pkcs12.truststore";
private static final String CLIENT_JKS_KEYSTORE =
"src/test/resources/client-jks.keystore";
private static final String CLIENT_JKS_TRUSTSTORE =
"src/test/resources/client-jks.truststore";
private static final String PASSWORD = "password";
@@ -79,10 +79,10 @@ public class SaslIntegrationTest extends QpidJmsTestCase {
@Test(timeout = 20000)
public void testSaslExternalConnection() throws Exception {
TransportOptions sslOptions = new TransportOptions();
- sslOptions.setKeyStoreLocation(BROKER_JKS_KEYSTORE);
+ sslOptions.setKeyStoreLocation(BROKER_PKCS12_KEYSTORE);
sslOptions.setKeyStorePassword(PASSWORD);
sslOptions.setVerifyHost(false);
- sslOptions.setTrustStoreLocation(BROKER_JKS_TRUSTSTORE);
+ sslOptions.setTrustStoreLocation(BROKER_PKCS12_TRUSTSTORE);
sslOptions.setTrustStorePassword(PASSWORD);
String connOptions = "?transport.trustStoreLocation=" +
CLIENT_JKS_TRUSTSTORE + "&" +
@@ -342,11 +342,11 @@ public class SaslIntegrationTest extends QpidJmsTestCase {
private void doMechanismSelectedExternalTestImpl(boolean
requireClientCert, Symbol clientSelectedMech, Symbol[] serverMechs) throws
Exception {
TransportOptions sslOptions = new TransportOptions();
- sslOptions.setKeyStoreLocation(BROKER_JKS_KEYSTORE);
+ sslOptions.setKeyStoreLocation(BROKER_PKCS12_KEYSTORE);
sslOptions.setKeyStorePassword(PASSWORD);
sslOptions.setVerifyHost(false);
if (requireClientCert) {
- sslOptions.setTrustStoreLocation(BROKER_JKS_TRUSTSTORE);
+ sslOptions.setTrustStoreLocation(BROKER_PKCS12_TRUSTSTORE);
sslOptions.setTrustStorePassword(PASSWORD);
}
diff --git
a/qpid-jms-client/src/test/java/org/apache/qpid/jms/integration/SslIntegrationTest.java
b/qpid-jms-client/src/test/java/org/apache/qpid/jms/integration/SslIntegrationTest.java
index e1668a7..ccb9e7b 100644
---
a/qpid-jms-client/src/test/java/org/apache/qpid/jms/integration/SslIntegrationTest.java
+++
b/qpid-jms-client/src/test/java/org/apache/qpid/jms/integration/SslIntegrationTest.java
@@ -53,9 +53,7 @@ import io.netty.handler.ssl.OpenSsl;
public class SslIntegrationTest extends QpidJmsTestCase {
- private static final String BROKER_JKS_KEYSTORE =
"src/test/resources/broker-jks.keystore";
private static final String BROKER_PKCS12_KEYSTORE =
"src/test/resources/broker-pkcs12.keystore";
- private static final String BROKER_JKS_TRUSTSTORE =
"src/test/resources/broker-jks.truststore";
private static final String BROKER_PKCS12_TRUSTSTORE =
"src/test/resources/broker-pkcs12.truststore";
private static final String CLIENT_MULTI_KEYSTORE =
"src/test/resources/client-multiple-keys-jks.keystore";
private static final String CLIENT_JKS_TRUSTSTORE =
"src/test/resources/client-jks.truststore";
@@ -100,7 +98,7 @@ public class SslIntegrationTest extends QpidJmsTestCase {
private void testCreateAndCloseSslConnection(boolean openSSL) throws
Exception {
TransportOptions sslOptions = new TransportOptions();
- sslOptions.setKeyStoreLocation(BROKER_JKS_KEYSTORE);
+ sslOptions.setKeyStoreLocation(BROKER_PKCS12_KEYSTORE);
sslOptions.setKeyStorePassword(PASSWORD);
sslOptions.setVerifyHost(false);
@@ -135,7 +133,7 @@ public class SslIntegrationTest extends QpidJmsTestCase {
private void
doTestCreateSslConnectionWithServerSendingPreemptiveData(boolean openSSL)
throws Exception {
TransportOptions serverSslOptions = new TransportOptions();
- serverSslOptions.setKeyStoreLocation(BROKER_JKS_KEYSTORE);
+ serverSslOptions.setKeyStoreLocation(BROKER_PKCS12_KEYSTORE);
serverSslOptions.setKeyStorePassword(PASSWORD);
serverSslOptions.setVerifyHost(false);
@@ -179,8 +177,8 @@ public class SslIntegrationTest extends QpidJmsTestCase {
private void doTestCreateAndCloseSslConnectionWithClientAuth(boolean
openSSL) throws Exception {
TransportOptions sslOptions = new TransportOptions();
- sslOptions.setKeyStoreLocation(BROKER_JKS_KEYSTORE);
- sslOptions.setTrustStoreLocation(BROKER_JKS_TRUSTSTORE);
+ sslOptions.setKeyStoreLocation(BROKER_PKCS12_KEYSTORE);
+ sslOptions.setTrustStoreLocation(BROKER_PKCS12_TRUSTSTORE);
sslOptions.setKeyStorePassword(PASSWORD);
sslOptions.setTrustStorePassword(PASSWORD);
sslOptions.setVerifyHost(false);
@@ -221,8 +219,8 @@ public class SslIntegrationTest extends QpidJmsTestCase {
private void doConnectionWithAliasTestImpl(String alias, String
expectedDN, boolean requestOpenSSL) throws Exception, JMSException,
SSLPeerUnverifiedException, IOException {
TransportOptions sslOptions = new TransportOptions();
- sslOptions.setKeyStoreLocation(BROKER_JKS_KEYSTORE);
- sslOptions.setTrustStoreLocation(BROKER_JKS_TRUSTSTORE);
+ sslOptions.setKeyStoreLocation(BROKER_PKCS12_KEYSTORE);
+ sslOptions.setTrustStoreLocation(BROKER_PKCS12_TRUSTSTORE);
sslOptions.setKeyStorePassword(PASSWORD);
sslOptions.setTrustStorePassword(PASSWORD);
sslOptions.setVerifyHost(false);
@@ -268,8 +266,8 @@ public class SslIntegrationTest extends QpidJmsTestCase {
private void doCreateConnectionWithInvalidAliasTestImpl(String alias)
throws Exception, IOException {
TransportOptions sslOptions = new TransportOptions();
- sslOptions.setKeyStoreLocation(BROKER_JKS_KEYSTORE);
- sslOptions.setTrustStoreLocation(BROKER_JKS_TRUSTSTORE);
+ sslOptions.setKeyStoreLocation(BROKER_PKCS12_KEYSTORE);
+ sslOptions.setTrustStoreLocation(BROKER_PKCS12_TRUSTSTORE);
sslOptions.setKeyStorePassword(PASSWORD);
sslOptions.setTrustStorePassword(PASSWORD);
sslOptions.setVerifyHost(false);
@@ -327,8 +325,8 @@ public class SslIntegrationTest extends QpidJmsTestCase {
private void doConnectionWithSslContextOverride(String clientKeyStorePath,
String expectedDN, boolean useExtension) throws Exception {
TransportOptions serverSslOptions = new TransportOptions();
- serverSslOptions.setKeyStoreLocation(BROKER_JKS_KEYSTORE);
- serverSslOptions.setTrustStoreLocation(BROKER_JKS_TRUSTSTORE);
+ serverSslOptions.setKeyStoreLocation(BROKER_PKCS12_KEYSTORE);
+ serverSslOptions.setTrustStoreLocation(BROKER_PKCS12_TRUSTSTORE);
serverSslOptions.setKeyStorePassword(PASSWORD);
serverSslOptions.setTrustStorePassword(PASSWORD);
serverSslOptions.setVerifyHost(false);
@@ -410,8 +408,8 @@ public class SslIntegrationTest extends QpidJmsTestCase {
private void doConnectionWithSslContextOverrideAndURIConfig(SSLContext
clientContext, String expectedDN) throws Exception {
TransportOptions serverSslOptions = new TransportOptions();
- serverSslOptions.setKeyStoreLocation(BROKER_JKS_KEYSTORE);
- serverSslOptions.setTrustStoreLocation(BROKER_JKS_TRUSTSTORE);
+ serverSslOptions.setKeyStoreLocation(BROKER_PKCS12_KEYSTORE);
+ serverSslOptions.setTrustStoreLocation(BROKER_PKCS12_TRUSTSTORE);
serverSslOptions.setKeyStorePassword(PASSWORD);
serverSslOptions.setTrustStorePassword(PASSWORD);
serverSslOptions.setVerifyHost(false);
@@ -493,13 +491,13 @@ public class SslIntegrationTest extends QpidJmsTestCase {
public void testConfigurePkcs12StoresWithSslSystemProperties() throws
Exception {
// Set properties and expect connection as Client1
setSslSystemPropertiesForCurrentTest(CLIENT_PKCS12_KEYSTORE,
CUSTOM_STORE_TYPE_PKCS12, PASSWORD, CLIENT_PKCS12_TRUSTSTORE,
CUSTOM_STORE_TYPE_PKCS12, PASSWORD);
- doConfigureStoresWithSslSystemPropertiesTestImpl(CLIENT_DN, true);
+ doConfigureStoresWithSslSystemPropertiesTestImpl(CLIENT_DN);
}
@Test(timeout = 30000)
public void testNonSslConnectionFailsToSslServer() throws Exception {
TransportOptions serverOptions = new TransportOptions();
- serverOptions.setKeyStoreLocation(BROKER_JKS_KEYSTORE);
+ serverOptions.setKeyStoreLocation(BROKER_PKCS12_KEYSTORE);
serverOptions.setKeyStorePassword(PASSWORD);
serverOptions.setVerifyHost(false);
@@ -537,27 +535,12 @@ public class SslIntegrationTest extends QpidJmsTestCase {
}
private void doConfigureStoresWithSslSystemPropertiesTestImpl(String
expectedDN) throws Exception {
- doConfigureStoresWithSslSystemPropertiesTestImpl(expectedDN, false);
- }
-
- private void doConfigureStoresWithSslSystemPropertiesTestImpl(String
expectedDN, boolean usePkcs12Store) throws Exception {
TransportOptions serverSslOptions = new TransportOptions();
-
- if (!usePkcs12Store) {
- serverSslOptions.setKeyStoreLocation(BROKER_JKS_KEYSTORE);
- serverSslOptions.setTrustStoreLocation(BROKER_JKS_TRUSTSTORE);
- serverSslOptions.setKeyStorePassword(PASSWORD);
- serverSslOptions.setTrustStorePassword(PASSWORD);
- serverSslOptions.setVerifyHost(false);
- } else {
- serverSslOptions.setKeyStoreLocation(BROKER_PKCS12_KEYSTORE);
- serverSslOptions.setTrustStoreLocation(BROKER_PKCS12_TRUSTSTORE);
- serverSslOptions.setKeyStoreType(CUSTOM_STORE_TYPE_PKCS12);
- serverSslOptions.setTrustStoreType(CUSTOM_STORE_TYPE_PKCS12);
- serverSslOptions.setKeyStorePassword(PASSWORD);
- serverSslOptions.setTrustStorePassword(PASSWORD);
- serverSslOptions.setVerifyHost(false);
- }
+ serverSslOptions.setKeyStoreLocation(BROKER_PKCS12_KEYSTORE);
+ serverSslOptions.setTrustStoreLocation(BROKER_PKCS12_TRUSTSTORE);
+ serverSslOptions.setKeyStorePassword(PASSWORD);
+ serverSslOptions.setTrustStorePassword(PASSWORD);
+ serverSslOptions.setVerifyHost(false);
SSLContext serverSslContext =
TransportSupport.createJdkSslContext(serverSslOptions);
diff --git
a/qpid-jms-client/src/test/java/org/apache/qpid/jms/integration/WsIntegrationTest.java
b/qpid-jms-client/src/test/java/org/apache/qpid/jms/integration/WsIntegrationTest.java
index 6d5e045..b7a4698 100644
---
a/qpid-jms-client/src/test/java/org/apache/qpid/jms/integration/WsIntegrationTest.java
+++
b/qpid-jms-client/src/test/java/org/apache/qpid/jms/integration/WsIntegrationTest.java
@@ -35,13 +35,13 @@ import org.junit.Test;
public class WsIntegrationTest extends QpidJmsTestCase {
- private static final String BROKER_JKS_KEYSTORE =
"src/test/resources/broker-jks.keystore";
+ private static final String BROKER_PKCS12_KEYSTORE =
"src/test/resources/broker-pkcs12.keystore";
private static final String PASSWORD = "password";
@Test(timeout = 30000)
public void testNonSslWebSocketConnectionFailsToSslServer() throws
Exception {
TransportOptions serverOptions = new TransportOptions();
- serverOptions.setKeyStoreLocation(BROKER_JKS_KEYSTORE);
+ serverOptions.setKeyStoreLocation(BROKER_PKCS12_KEYSTORE);
serverOptions.setKeyStorePassword(PASSWORD);
serverOptions.setVerifyHost(false);
diff --git
a/qpid-jms-client/src/test/java/org/apache/qpid/jms/provider/failover/FailoverWithAmqpOpenProvidedServerListIntegrationTest.java
b/qpid-jms-client/src/test/java/org/apache/qpid/jms/provider/failover/FailoverWithAmqpOpenProvidedServerListIntegrationTest.java
index 0baed85..01ecbf8 100644
---
a/qpid-jms-client/src/test/java/org/apache/qpid/jms/provider/failover/FailoverWithAmqpOpenProvidedServerListIntegrationTest.java
+++
b/qpid-jms-client/src/test/java/org/apache/qpid/jms/provider/failover/FailoverWithAmqpOpenProvidedServerListIntegrationTest.java
@@ -55,8 +55,8 @@ public class
FailoverWithAmqpOpenProvidedServerListIntegrationTest extends QpidJ
private static final Logger LOG =
LoggerFactory.getLogger(FailoverWithAmqpOpenProvidedServerListIntegrationTest.class);
- private static final String BROKER_JKS_KEYSTORE =
"src/test/resources/broker-jks.keystore";
- private static final String BROKER_JKS_TRUSTSTORE =
"src/test/resources/broker-jks.truststore";
+ private static final String BROKER_PKCS12_KEYSTORE =
"src/test/resources/broker-pkcs12.keystore";
+ private static final String BROKER_PKCS12_TRUSTSTORE =
"src/test/resources/broker-pkcs12.truststore";
private static final String PASSWORD = "password";
private static final String CLIENT_JKS_KEYSTORE =
"src/test/resources/client-jks.keystore";
private static final String CLIENT_JKS_TRUSTSTORE =
"src/test/resources/client-jks.truststore";
@@ -400,8 +400,8 @@ public class
FailoverWithAmqpOpenProvidedServerListIntegrationTest extends QpidJ
@Test(timeout = 20000)
public void testFailoverUsingSSLConfiguredBySystemProperties() throws
Exception {
TransportOptions serverSslOptions = new TransportOptions();
- serverSslOptions.setKeyStoreLocation(BROKER_JKS_KEYSTORE);
- serverSslOptions.setTrustStoreLocation(BROKER_JKS_TRUSTSTORE);
+ serverSslOptions.setKeyStoreLocation(BROKER_PKCS12_KEYSTORE);
+ serverSslOptions.setTrustStoreLocation(BROKER_PKCS12_TRUSTSTORE);
serverSslOptions.setKeyStorePassword(PASSWORD);
serverSslOptions.setTrustStorePassword(PASSWORD);
serverSslOptions.setVerifyHost(false);
@@ -509,7 +509,7 @@ public class
FailoverWithAmqpOpenProvidedServerListIntegrationTest extends QpidJ
@Test(timeout = 20000)
public void testFailoverUsingSSLConfiguredByTransportOptions() throws
Exception {
TransportOptions sslOptions = new TransportOptions();
- sslOptions.setKeyStoreLocation(BROKER_JKS_KEYSTORE);
+ sslOptions.setKeyStoreLocation(BROKER_PKCS12_KEYSTORE);
sslOptions.setKeyStorePassword(PASSWORD);
sslOptions.setVerifyHost(false);
@@ -628,7 +628,7 @@ public class
FailoverWithAmqpOpenProvidedServerListIntegrationTest extends QpidJ
@Test(timeout = 20000)
public void testFailoverUsingSSLConfiguredByNestedTransportOptions()
throws Exception {
TransportOptions sslOptions = new TransportOptions();
- sslOptions.setKeyStoreLocation(BROKER_JKS_KEYSTORE);
+ sslOptions.setKeyStoreLocation(BROKER_PKCS12_KEYSTORE);
sslOptions.setKeyStorePassword(PASSWORD);
sslOptions.setVerifyHost(false);
@@ -747,8 +747,8 @@ public class
FailoverWithAmqpOpenProvidedServerListIntegrationTest extends QpidJ
@Test(timeout = 20000)
public void testFailoverUsingSSLConfiguredByCustomSSLContext() throws
Exception {
TransportOptions serverSslOptions = new TransportOptions();
- serverSslOptions.setKeyStoreLocation(BROKER_JKS_KEYSTORE);
- serverSslOptions.setTrustStoreLocation(BROKER_JKS_TRUSTSTORE);
+ serverSslOptions.setKeyStoreLocation(BROKER_PKCS12_KEYSTORE);
+ serverSslOptions.setTrustStoreLocation(BROKER_PKCS12_TRUSTSTORE);
serverSslOptions.setKeyStorePassword(PASSWORD);
serverSslOptions.setTrustStorePassword(PASSWORD);
serverSslOptions.setVerifyHost(false);
@@ -886,8 +886,8 @@ public class
FailoverWithAmqpOpenProvidedServerListIntegrationTest extends QpidJ
private void doTestFailoverHandlingOfInsecureRedirectAdvertisement(boolean
allow) throws Exception {
TransportOptions serverSslOptions = new TransportOptions();
- serverSslOptions.setKeyStoreLocation(BROKER_JKS_KEYSTORE);
- serverSslOptions.setTrustStoreLocation(BROKER_JKS_TRUSTSTORE);
+ serverSslOptions.setKeyStoreLocation(BROKER_PKCS12_KEYSTORE);
+ serverSslOptions.setTrustStoreLocation(BROKER_PKCS12_TRUSTSTORE);
serverSslOptions.setKeyStorePassword(PASSWORD);
serverSslOptions.setTrustStorePassword(PASSWORD);
serverSslOptions.setVerifyHost(false);
@@ -993,8 +993,8 @@ public class
FailoverWithAmqpOpenProvidedServerListIntegrationTest extends QpidJ
private void doTestFailoverAcceptsUpdateUsingTransportSchemes(String
transportScheme, String expected) throws Exception {
TransportOptions serverSslOptions = new TransportOptions();
- serverSslOptions.setKeyStoreLocation(BROKER_JKS_KEYSTORE);
- serverSslOptions.setTrustStoreLocation(BROKER_JKS_TRUSTSTORE);
+ serverSslOptions.setKeyStoreLocation(BROKER_PKCS12_KEYSTORE);
+ serverSslOptions.setTrustStoreLocation(BROKER_PKCS12_TRUSTSTORE);
serverSslOptions.setKeyStorePassword(PASSWORD);
serverSslOptions.setTrustStorePassword(PASSWORD);
serverSslOptions.setVerifyHost(false);
diff --git
a/qpid-jms-client/src/test/java/org/apache/qpid/jms/transports/TransportSupportTest.java
b/qpid-jms-client/src/test/java/org/apache/qpid/jms/transports/TransportSupportTest.java
index e4e7888..cac5c90 100644
---
a/qpid-jms-client/src/test/java/org/apache/qpid/jms/transports/TransportSupportTest.java
+++
b/qpid-jms-client/src/test/java/org/apache/qpid/jms/transports/TransportSupportTest.java
@@ -50,13 +50,9 @@ public class TransportSupportTest extends QpidJmsTestCase {
public static final String PASSWORD = "password";
- public static final String BROKER_JKS_KEYSTORE =
"src/test/resources/broker-jks.keystore";
- public static final String BROKER_JKS_TRUSTSTORE =
"src/test/resources/broker-jks.truststore";
public static final String CLIENT_JKS_KEYSTORE =
"src/test/resources/client-jks.keystore";
public static final String CLIENT_JKS_TRUSTSTORE =
"src/test/resources/client-jks.truststore";
- public static final String BROKER_JCEKS_KEYSTORE =
"src/test/resources/broker-jceks.keystore";
- public static final String BROKER_JCEKS_TRUSTSTORE =
"src/test/resources/broker-jceks.truststore";
public static final String CLIENT_JCEKS_KEYSTORE =
"src/test/resources/client-jceks.keystore";
public static final String CLIENT_JCEKS_TRUSTSTORE =
"src/test/resources/client-jceks.truststore";
diff --git
a/qpid-jms-client/src/test/java/org/apache/qpid/jms/transports/netty/NettySslTransportTest.java
b/qpid-jms-client/src/test/java/org/apache/qpid/jms/transports/netty/NettySslTransportTest.java
index 1205587..d54db24 100644
---
a/qpid-jms-client/src/test/java/org/apache/qpid/jms/transports/netty/NettySslTransportTest.java
+++
b/qpid-jms-client/src/test/java/org/apache/qpid/jms/transports/netty/NettySslTransportTest.java
@@ -57,9 +57,9 @@ public class NettySslTransportTest extends
NettyTcpTransportTest {
private static final Logger LOG =
LoggerFactory.getLogger(NettySslTransportTest.class);
public static final String PASSWORD = "password";
- public static final String SERVER_KEYSTORE =
"src/test/resources/broker-jks.keystore";
- public static final String SERVER_TRUSTSTORE =
"src/test/resources/broker-jks.truststore";
- public static final String SERVER_WRONG_HOST_KEYSTORE =
"src/test/resources/broker-wrong-host-jks.keystore";
+ public static final String SERVER_KEYSTORE =
"src/test/resources/broker-pkcs12.keystore";
+ public static final String SERVER_TRUSTSTORE =
"src/test/resources/broker-pkcs12.truststore";
+ public static final String SERVER_WRONG_HOST_KEYSTORE =
"src/test/resources/broker-wrong-host-pkcs12.keystore";
public static final String CLIENT_KEYSTORE =
"src/test/resources/client-jks.keystore";
public static final String CLIENT_MULTI_KEYSTORE =
"src/test/resources/client-multiple-keys-jks.keystore";
public static final String CLIENT_TRUSTSTORE =
"src/test/resources/client-jks.truststore";
@@ -391,7 +391,6 @@ public class NettySslTransportTest extends
NettyTcpTransportTest {
options.setKeyStorePassword(PASSWORD);
options.setTrustStoreLocation(SERVER_TRUSTSTORE);
options.setTrustStorePassword(PASSWORD);
- options.setStoreType(KEYSTORE_TYPE);
options.setVerifyHost(false);
return options;
diff --git a/qpid-jms-client/src/test/resources/README.txt
b/qpid-jms-client/src/test/resources/README.txt
index 8e7b215..8b3048b 100644
--- a/qpid-jms-client/src/test/resources/README.txt
+++ b/qpid-jms-client/src/test/resources/README.txt
@@ -21,26 +21,19 @@ keytool -storetype pkcs12 -keystore ca-pkcs12.keystore
-storepass password -alia
keytool -storetype pkcs12 -keystore broker-pkcs12.keystore -storepass password
-keypass password -importcert -alias ca -file ca.crt -noprompt
keytool -storetype pkcs12 -keystore broker-pkcs12.keystore -storepass password
-keypass password -importcert -alias broker -file broker.crt
-# Create some alternative keystore types for testing:
-# ---------------------------------------------------
-keytool -importkeystore -srckeystore broker-pkcs12.keystore -destkeystore
broker-jceks.keystore -srcstoretype pkcs12 -deststoretype jceks -srcstorepass
password -deststorepass password
-keytool -importkeystore -srckeystore broker-pkcs12.keystore -destkeystore
broker-jks.keystore -srcstoretype pkcs12 -deststoretype jks -srcstorepass
password -deststorepass password
-
# Create a key pair for the broker with an unexpected hostname, and sign it
with the CA:
#
--------------------------------------------------------------------------------------
-keytool -storetype jks -keystore broker-wrong-host-jks.keystore -storepass
password -keypass password -alias broker-wrong-host -genkey -keyalg "RSA"
-keysize 2048 -dname "O=Server,CN=wronghost" -validity 9999 -ext bc=ca:false
-ext eku=sA
+keytool -storetype pkcs12 -keystore broker-wrong-host-pkcs12.keystore
-storepass password -keypass password -alias broker-wrong-host -genkey -keyalg
"RSA" -keysize 2048 -dname "O=Server,CN=wronghost" -validity 9999 -ext
bc=ca:false -ext eku=sA
-keytool -storetype jks -keystore broker-wrong-host-jks.keystore -storepass
password -alias broker-wrong-host -certreq -file broker-wrong-host.csr
+keytool -storetype pkcs12 -keystore broker-wrong-host-pkcs12.keystore
-storepass password -alias broker-wrong-host -certreq -file
broker-wrong-host.csr
keytool -storetype pkcs12 -keystore ca-pkcs12.keystore -storepass password
-alias ca -gencert -rfc -infile broker-wrong-host.csr -outfile
broker-wrong-host.crt -validity 9999 -ext bc=ca:false -ext eku=sA
-keytool -storetype jks -keystore broker-wrong-host-jks.keystore -storepass
password -keypass password -importcert -alias ca -file ca.crt -noprompt
-keytool -storetype jks -keystore broker-wrong-host-jks.keystore -storepass
password -keypass password -importcert -alias broker-wrong-host -file
broker-wrong-host.crt
+keytool -storetype pkcs12 -keystore broker-wrong-host-pkcs12.keystore
-storepass password -keypass password -importcert -alias ca -file ca.crt
-noprompt
+keytool -storetype pkcs12 -keystore broker-wrong-host-pkcs12.keystore
-storepass password -keypass password -importcert -alias broker-wrong-host
-file broker-wrong-host.crt
-# Create trust stores for the broker, import the CA cert:
+# Create trust store for the broker, import the CA cert:
# -------------------------------------------------------
keytool -storetype pkcs12 -keystore broker-pkcs12.truststore -storepass
password -keypass password -importcert -alias ca -file ca.crt -noprompt
-keytool -importkeystore -srckeystore broker-pkcs12.truststore -destkeystore
broker-jceks.truststore -srcstoretype pkcs12 -deststoretype jceks -srcstorepass
password -deststorepass password
-keytool -importkeystore -srckeystore broker-pkcs12.truststore -destkeystore
broker-jks.truststore -srcstoretype pkcs12 -deststoretype jks -srcstorepass
password -deststorepass password
# Create a key pair for the client, and sign it with the CA:
# ----------------------------------------------------------
diff --git a/qpid-jms-client/src/test/resources/broker-jceks.keystore
b/qpid-jms-client/src/test/resources/broker-jceks.keystore
deleted file mode 100644
index b5a155e..0000000
Binary files a/qpid-jms-client/src/test/resources/broker-jceks.keystore and
/dev/null differ
diff --git a/qpid-jms-client/src/test/resources/broker-jceks.truststore
b/qpid-jms-client/src/test/resources/broker-jceks.truststore
deleted file mode 100644
index 54a9fd5..0000000
Binary files a/qpid-jms-client/src/test/resources/broker-jceks.truststore and
/dev/null differ
diff --git a/qpid-jms-client/src/test/resources/broker-jks.keystore
b/qpid-jms-client/src/test/resources/broker-jks.keystore
deleted file mode 100644
index a6644f0..0000000
Binary files a/qpid-jms-client/src/test/resources/broker-jks.keystore and
/dev/null differ
diff --git a/qpid-jms-client/src/test/resources/broker-jks.truststore
b/qpid-jms-client/src/test/resources/broker-jks.truststore
deleted file mode 100644
index 60031b6..0000000
Binary files a/qpid-jms-client/src/test/resources/broker-jks.truststore and
/dev/null differ
diff --git
a/qpid-jms-client/src/test/resources/broker-wrong-host-pkcs12.keystore
b/qpid-jms-client/src/test/resources/broker-wrong-host-pkcs12.keystore
new file mode 100644
index 0000000..6fa270b
Binary files /dev/null and
b/qpid-jms-client/src/test/resources/broker-wrong-host-pkcs12.keystore differ
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscr...@qpid.apache.org
For additional commands, e-mail: commits-h...@qpid.apache.org
