diff --git a/.gitignore b/.gitignore index 4a134b4c..d5787418 100644 --- a/.gitignore +++ b/.gitignore @@ -32,6 +32,6 @@ modules/* Gemfile.lock config/foreman.migrations/.applied .vendor/ -spec/fixtures/katello-certs-check/*.csr +spec/fixtures/katello-certs-check/certs/*.csr spec/fixtures/katello-certs-check/ca.key -spec/fixtures/katello-certs-check/*.srl +spec/fixtures/katello-certs-check/certs/*.srl diff --git a/spec/fixtures/katello-certs-check/README.md b/spec/fixtures/katello-certs-check/README.md index 204a6d24..9efecb11 100644 --- a/spec/fixtures/katello-certs-check/README.md +++ b/spec/fixtures/katello-certs-check/README.md @@ -7,3 +7,5 @@ To generate a new set of certificates: ``` In order to modify properties of the certificates, edit the `extensions.txt` before re-generating. + +To regenerate a particular set of certificates, remove them from the `certs/` directory and re-run the generation script. diff --git a/spec/fixtures/katello-certs-check/cacert.crt b/spec/fixtures/katello-certs-check/cacert.crt deleted file mode 100644 index b908d6fc..00000000 --- a/spec/fixtures/katello-certs-check/cacert.crt +++ /dev/null @@ -1,19 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDHTCCAgWgAwIBAgIUNi8FZ2nmLFAAu8mInhmiT2wqxoIwDQYJKoZIhvcNAQEL -BQAwHjEcMBoGA1UEAwwTVGVzdCBTZWxmLVNpZ25lZCBDQTAeFw0yMDEwMzAxNTEw -MjVaFw0zMDEwMjgxNTEwMjVaMB4xHDAaBgNVBAMME1Rlc3QgU2VsZi1TaWduZWQg -Q0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5yvswTfs3CutRaZ0I -9qPYHb8+sKPTwpPpieWZtxeJkR3U4DVvZYxsScg4wAjo1576660KdgQawH/fsH0S -dz4BHFktnxQ9eWM0zAhStpOeKsaLQMksDXnjUFnyaII8CpFvHd89CEZrmLhY5rDg -l+jIkXkDdODV2/LBQJmGunh4CYHaw2wuAKBDUicXiDZT7Pms+VHf0eGtvoOY3bbr -KQQV13aR4xJIJgYPgSSASWX5h6V3gJQgmNs3BZDjTjlFv5+EwDXgSaOuyojm3Iky -UJEslnjD1CQ/8Gbu/u4DZwtC2Dc/WIrZyHQymLzQXv78K16NYAf6c5vlD1ti7jRs -q9hXAgMBAAGjUzBRMB0GA1UdDgQWBBTpikF9rPC2Pc7xj0QjTexiIgA8PzAfBgNV -HSMEGDAWgBTpikF9rPC2Pc7xj0QjTexiIgA8PzAPBgNVHRMBAf8EBTADAQH/MA0G -CSqGSIb3DQEBCwUAA4IBAQCr/h9WuZ/0Wx26RDUJpvIZpVKJyoBZc7pkw/RAgcas -Ihiknhbklg+29PV9+jFCBeKF64t4/wVSmsGpJ0RcWAap/3KW/Yd6PLYR9k6hWfRI -mUyE/rJ/+1nO8j1t/oMjB9b7trDpMJgvuYhaENpouLYxaaR1xklsbu0eiQIvjKIM -NmEKTYI565LHDwAJU58KVscpDYC5zDU3As+t3GEA4WfUaKVd5i3ALM7HKzm9pzM+ -jnDBtCL04lM2K6Vxl3CIwd0o4AvBgU4XlRYzRIqlq+Bg5yCbrmZP08lsmRIv5oR9 -g9qTo2MEFHCxxn3a9jCYkX2eUuIANx7Zi6HJUsPnptV2 ------END CERTIFICATE----- diff --git a/spec/fixtures/katello-certs-check/certs/ca.crt b/spec/fixtures/katello-certs-check/certs/ca.crt new file mode 100644 index 00000000..763958f8 --- /dev/null +++ b/spec/fixtures/katello-certs-check/certs/ca.crt @@ -0,0 +1,19 @@ +-----BEGIN CERTIFICATE----- +MIIDHTCCAgWgAwIBAgIUK+x25LNYYMHS83aWDnAYviwxEYEwDQYJKoZIhvcNAQEL +BQAwHjEcMBoGA1UEAwwTVGVzdCBTZWxmLVNpZ25lZCBDQTAeFw0yMDExMTgwMjMw +NDNaFw0zMDExMTYwMjMwNDNaMB4xHDAaBgNVBAMME1Rlc3QgU2VsZi1TaWduZWQg +Q0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC92114uygw5KcqPCz1 +E/Cwd3Lo2ytyPD9FchWKPOxXpNisHMOr4zAfsxERXmgBLawHIkqc2Xae3TqHGGQa +ll3J3HukwghZQAyjcNG/Q2Q2QqfQW1tzxHRnz2EKBoRoyhmVXcnu+qBoEgkf5QI/ +Rk9HzLJINZPcZuMEkRgcf5q1h/F+PY2yCMwT5qjB6whn6zX6FP6G3//fRtkZw4cI +FPPjKJedbHlYEifRigmJfu+T5Q5xz19Og/1zDwfl7is5eBUV+KEoIE7UpmvR1UrM ++T6WYl3vxeM08y1QU6vR9GqummDMinfWLj0hV+dYwI9/1fHIjfPqgxPUa5AGw7ik +vyrvAgMBAAGjUzBRMB0GA1UdDgQWBBQz80R5aRb/egnEMKHQonUM3xgj6DAfBgNV +HSMEGDAWgBQz80R5aRb/egnEMKHQonUM3xgj6DAPBgNVHRMBAf8EBTADAQH/MA0G +CSqGSIb3DQEBCwUAA4IBAQCdiBvQx6ExmteTzwkGCheKwUMvzCehuwvpoJRE/JXo +zz67414oyWXkSN8/9HE3nkH/xxunD/Ni+N9ppk7iicSpyOKfdDXiaS8qq1O1OXCx +CjoVuIFAPFWOEEhLdnb1v8YVWx2JwcbGvhCLNSoK1a6uwCmWixtoeQiKspBfwFcb +wfU9qNdXsezBljahE4Q2E4SR+XclA6iHdooX4ajnleamqeH0ephyCqvMAhzfJA5F +O1+SJRFbIjwfKxsEJS6Czrn+EU2eLtxk5g5+oO06ZYj4rVOfgc2Wc0+cisgP0fT/ +WVkAxgGS6L0jGvZSisEUBpoidJNddWnf9mzUT2kJ5DCO +-----END CERTIFICATE----- diff --git a/spec/fixtures/katello-certs-check/certs/ca.key b/spec/fixtures/katello-certs-check/certs/ca.key new file mode 100644 index 00000000..655bb7cb --- /dev/null +++ b/spec/fixtures/katello-certs-check/certs/ca.key @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEpAIBAAKCAQEAvdtdeLsoMOSnKjws9RPwsHdy6Nsrcjw/RXIVijzsV6TYrBzD +q+MwH7MREV5oAS2sByJKnNl2nt06hxhkGpZdydx7pMIIWUAMo3DRv0NkNkKn0Ftb +c8R0Z89hCgaEaMoZlV3J7vqgaBIJH+UCP0ZPR8yySDWT3GbjBJEYHH+atYfxfj2N +sgjME+aowesIZ+s1+hT+ht//30bZGcOHCBTz4yiXnWx5WBIn0YoJiX7vk+UOcc9f +ToP9cw8H5e4rOXgVFfihKCBO1KZr0dVKzPk+lmJd78XjNPMtUFOr0fRqrppgzIp3 +1i49IVfnWMCPf9XxyI3z6oMT1GuQBsO4pL8q7wIDAQABAoIBAAiF1nZbAHzhZtew +h9wgnwds9U2auSKRrc1yR6FDBuEQV2GykN4gfsKNiVCcSlLzN+vCEFNmN7r992il +IalH4sHzEeHdi/5lr6uOnvvVDKSa7WmfEEXsJcWbO6H1lPAXUnqwESaXPaguVxaF +c0pf36M7fy1aql6Uh9Bmqwxsdgd8FOk7U2I0dr8csE8gKAMbOOERUqvBVYoe4JDU +ASoOPm3GL8n9l5l0gELr9wJFRsREQBKmoizF3zjOJKJxgJOcuxaEoqIxTrnTIRb0 +EVS8J3L7LT9s1zNTE9UAODlwKDCdA9VK0lhEQ/9OOSpmuR163enYCNz0rIzfsvxL +NCy+w+ECgYEA82CZzA65uoblhEbeeMipLGrsDM7IHLeFTx7rG79kIRW8yAp2bFLS +Us3KVF8hGi8pQREbi8G/1QiPjsEjuqq/uSIHaA1VKASVtfvBjuVx8k9T1BmTLW7F +WvPjcrFe3ZP5hNroVIyNB9JziBL6HNJAxfSJGBKfP3kf6A4KBqTiSlkCgYEAx7Qn +93RVbMezv7uS/PpXyuH7Ml1sLglDp5c/9+Ve0AQv+2oeHR1BxWbtT1YylWPGY30C +EY6AolpeSDCc7cNWfiDdzi1rh0001EjWRrYl/5riqaHOlm8joJTR7A+rgvFzvwcn +/91UQ3EoNA73C3W4YNiMXhtHxDYH+F/o0SfO5ocCgYEAsoX0qttOX8WdzDbT8BN5 +DMztk8OGxJHV5qDOYw80WpSAYthR38ms3/J2bQdO188qWsE6zHx1w8XA0D1agQ3J +DvsoJapKAc3DJ7ehVrl1qQGJgzazYAs2Fy55c+MprC1kRZDyBTsIJGm6N2F8N/H+ +c3aZrZ/TUpL91ZGexxrhpxkCgYEAhSDzV8JExFyo1lNMHLsi1YwqchvXZyUj5dAt +g6tztkZkWj0W0B/V3avM3Yu/8tjtwxrtyxhtZk3J9mP56YLD4Rc15iFfQnZUloPr +3H3G/QuauKy2VJDIdl9fRff4RTWDDMDPiIFakA8aVwH27LvQazdQ89dJ02KVk50U +ToI0KncCgYBAnyHuKbw26zeDpsb2m3AjsPUfkaPjSEtPVNPOJsTEm757v1+vU8MM +zNAaQ+oOi/CGFVg2tXI5FJfpsj1hbnZ3AuzV5zmbauWCD8o/0rfC2XBcMGAoAkQ/ +JJg9G+gQYUEzvRppE335YO7ytYI/omVMF4UzMyT2ThgW5XbKOvLXlQ== +-----END RSA PRIVATE KEY----- diff --git a/spec/fixtures/katello-certs-check/certs/foreman.example.com.crt b/spec/fixtures/katello-certs-check/certs/foreman.example.com.crt new file mode 100644 index 00000000..b2dbe67d --- /dev/null +++ b/spec/fixtures/katello-certs-check/certs/foreman.example.com.crt @@ -0,0 +1,18 @@ +-----BEGIN CERTIFICATE----- +MIIC+TCCAeGgAwIBAgIUetO+zvwJ4nLNrxe9lcrT4h0noCMwDQYJKoZIhvcNAQEL +BQAwHjEcMBoGA1UEAwwTVGVzdCBTZWxmLVNpZ25lZCBDQTAeFw0yMDExMTgwMjMw +NDNaFw0zMDExMTYwMjMwNDNaMB4xHDAaBgNVBAMME2ZvcmVtYW4uZXhhbXBsZS5j +b20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDcEtPd1uKX0hct7+qe +gOEy72VB93cBGuEJis6yD7uJfdjnbBtiFwkxUqmQlsDmUsqcuh6106yDkaW6tyzT +I6R0Xx8OJkT4bxOsgkr3xqZSrAQJvn/NmV4j6egckJlgYnSbkrOFvy5iO1A/Dc/m +OrC6TJVGe/YvMCU6IYPU1f/acNucRZGopa7yfhyTd8nzArq1BCSrjqtCl8m9NPJZ +IP8+06wQ6MCjyd+kjnm+Tq/P+mKEsXVDBQCQAyWFpZdUcu4zbL+UV2+O7QUtndEh +k2nf4w3Rx70XvMwagfo3hE5cJ8rNXEynphhDzdJqzRDpPYItZauMDxmK+4oHOn0g +90t5AgMBAAGjLzAtMAsGA1UdDwQEAwIFIDAeBgNVHREEFzAVghNmb3JlbWFuLmV4 +YW1wbGUuY29tMA0GCSqGSIb3DQEBCwUAA4IBAQBlIEA2CfZIa8LtUYlDwa5v+5Wf +1ktmYTRtgEI+922T/eTB8uH1//VxpfK5ynljao7SNVcX+74Q+YH/4Ci4OfZvE5vA +1IJXog5bfE4mVc1qXhH7TokBQx1L6vtUh9OaTGpBAVnS3J5jLw6+Tdi9FOeZdKHZ +FvMnyZ7MQ6VjbLZsTy49o87Nstqkle48ivwSFrDU1cDN+6S/DUdHQnh8XtPB1PMh +7WCxGGtzmw5s5SxBkyY/buGDr+kx52yULl6ZrnJD6PfR30X+8G3ltvmaCQllYadX +eprUs5H2WDnTUUE78+cf1JK29Zs9it/l4t2uLc5Z94oXosFLkTKw6ZSB3X9J +-----END CERTIFICATE----- diff --git a/spec/fixtures/katello-certs-check/certs/foreman.example.com.key b/spec/fixtures/katello-certs-check/certs/foreman.example.com.key new file mode 100644 index 00000000..ae1ca691 --- /dev/null +++ b/spec/fixtures/katello-certs-check/certs/foreman.example.com.key @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEowIBAAKCAQEA3BLT3dbil9IXLe/qnoDhMu9lQfd3ARrhCYrOsg+7iX3Y52wb +YhcJMVKpkJbA5lLKnLoetdOsg5Glurcs0yOkdF8fDiZE+G8TrIJK98amUqwECb5/ +zZleI+noHJCZYGJ0m5Kzhb8uYjtQPw3P5jqwukyVRnv2LzAlOiGD1NX/2nDbnEWR +qKWu8n4ck3fJ8wK6tQQkq46rQpfJvTTyWSD/PtOsEOjAo8nfpI55vk6vz/pihLF1 +QwUAkAMlhaWXVHLuM2y/lFdvju0FLZ3RIZNp3+MN0ce9F7zMGoH6N4ROXCfKzVxM +p6YYQ83Sas0Q6T2CLWWrjA8ZivuKBzp9IPdLeQIDAQABAoIBAQCSoJS6vJ5yiw7Y +k34dpz7kIe60Of33JYKEShCXQLYx0ECBSF0iSLjePPYvGNJjYwwNylAF04egjZz/ +P2ZFMv0yb+IQGl1frRpNmO38EkXk1SlHmL4sLSA1C3aT+Z/HQTHyKZck6JEt79jy +efBns/jl13qp4JPRMuHKzmO4nfB/B/BsLstYso+SNvw+IOLXjHDv5SxlGk03WSmU +Yg8/dooy17hzI0/qW9YsmM1NcDKOHfh7+MQTPQR8VdCJtK0K4ZGGhLs4ins3uRrR +eq6+7nyiLDlXQeXvExcfL6gS4lD6+Go/SwDyoPV6lBemtvOvazUpfzVBLAebj3dQ +FbE8r6GBAoGBAO+N0dhh4kwJvwK62VJZKPDUREXIZZ/4N53KaGWuO6EleGR4a10v +arkXG/29wbcTOALHGZjV8tR2LS0ryVSefUTY5E4QV7W9u/gLiKumFQWJ1ETFBxLO +7oN7tHaIILOVzxxIuXIqr3aqu86NPCnIIdMcLKpOGpzOeehTfIomel+xAoGBAOsu +oz0g2tMH8fVO9BIE6/diFqgA/fxWJt/wjMCgbRyFa6cekWjirpy0ENP3a1kwywkk +J+kE9WAvI7k8FnZXY4XEDO1Utg+ZyTw1SUh8VitwgvpA7idWp1R3q3Ysi9eHjaUo +KpIJnmyrzfnJ1wgTgcyNmaemaUUhQixZRFW0xKJJAoGAAzd0SeOGll7LIc5AfMqV +siYnhIhcVPmQRZ4iKLteMZu/Mhor1uR8GmAlEBMsNrkbV240+chlqlSr5p9f5LL8 +G6CN8D5n7xjNHVeKTkO8pIZlQ0ciAS6mJT3T/oN1bPPmBAs18kKAeKdyPiPHWwhE +7ADE2MSTtudO27/DPFen7QECgYA79CizFaQTNixNb/IygcSxzPSfoZkd8cx5PDZ1 +iLAoHC8kbFt/VIJU+mZr0uAv3Yt06h2ufpAbFAlUWGgVhROe7yqoefbrpTWyvpbO +/rts2YLaTyEnMCT6GIPCXXrM2AaY+tNXZVJYu7eHnRfPPEHTpqlsHrUpZWAcNCmC +e9HA2QKBgDLXP7Tl7+wi+ne4Y6FR6fi+cv5d/XC2Vd1qvaorCvYZjzSAkn2TpZMN +nuz6zOYT8X6lrdMBblp1AdVH/UqubyHgPggdjO7f0Veuux+7MeJAG1Owe6sOccxQ +stAxk9MsWZI++GT5NaXAnlxPn45MfDdigFIvzW71/dOu5BzqGIbE +-----END RSA PRIVATE KEY----- diff --git a/spec/fixtures/katello-certs-check/create_cert.sh b/spec/fixtures/katello-certs-check/create_cert.sh index e759da41..1798d1ea 100755 --- a/spec/fixtures/katello-certs-check/create_cert.sh +++ b/spec/fixtures/katello-certs-check/create_cert.sh @@ -1,10 +1,22 @@ #!/bin/bash -echo "Generate CA" -openssl genrsa -out ca.key 2048 -openssl req -x509 -new -nodes -key ca.key -sha256 -days 3650 -out cacert.crt -subj "/CN=Test Self-Signed CA" +CERTS_DIR=certs -echo "Generate server certificate" -openssl genrsa -out foreman.example.com.key 2048 -openssl req -new -key foreman.example.com.key -out foreman.example.com.csr -subj "/CN=foreman.example.com" -openssl x509 -req -in foreman.example.com.csr -CA cacert.crt -CAkey ca.key -CAcreateserial -out foreman.example.com.crt -days 3650 -sha256 -extfile extensions.txt -extensions extensions +CA_CERT_NAME=ca +if [[ ! -f "$CERTS_DIR/$CA_CERT_NAME.key" || ! -f "$CERTS_DIR/$CA_CERT_NAME.crt" ]]; then + echo "Generate CA" + openssl genrsa -out $CERTS_DIR/$CA_CERT_NAME.key 2048 + openssl req -x509 -new -nodes -key $CERTS_DIR/$CA_CERT_NAME.key -sha256 -days 3650 -out $CERTS_DIR/$CA_CERT_NAME.crt -subj "/CN=Test Self-Signed CA" +else + echo "CA certificate exists. Skipping." +fi + +CERT_NAME=foreman.example.com +if [[ ! -f "$CERTS_DIR/$CERT_NAME.key" || ! -f "$CERTS_DIR/$CERT_NAME.crt" ]]; then + echo "Generate server certificate" + openssl genrsa -out $CERTS_DIR/$CERT_NAME.key 2048 + openssl req -new -key $CERTS_DIR/$CERT_NAME.key -out $CERTS_DIR/$CERT_NAME.csr -subj "/CN=foreman.example.com" + openssl x509 -req -in $CERTS_DIR/$CERT_NAME.csr -CA $CERTS_DIR/$CA_CERT_NAME.crt -CAkey $CERTS_DIR/$CA_CERT_NAME.key -CAcreateserial -out $CERTS_DIR/$CERT_NAME.crt -days 3650 -sha256 -extfile extensions.txt -extensions extensions +else + echo "Server certificate exists. Skipping." +fi diff --git a/spec/fixtures/katello-certs-check/foreman.example.com.crt b/spec/fixtures/katello-certs-check/foreman.example.com.crt deleted file mode 100644 index c6afdd6f..00000000 --- a/spec/fixtures/katello-certs-check/foreman.example.com.crt +++ /dev/null @@ -1,18 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIC+TCCAeGgAwIBAgIUIJOShVFSf4+inpa2EacqH3Xs/OMwDQYJKoZIhvcNAQEL -BQAwHjEcMBoGA1UEAwwTVGVzdCBTZWxmLVNpZ25lZCBDQTAeFw0yMDEwMzAxNTEw -MjVaFw0zMDEwMjgxNTEwMjVaMB4xHDAaBgNVBAMME2ZvcmVtYW4uZXhhbXBsZS5j -b20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDLlog3cWOW8ztRdUVW -O3imSZVmAaZEx+ZjXMLHtC5krs/Rz/hQhxsK7UIKzXrCwZQEaN6I5AjdWE463gGs -HpFSMCO8t58qVrT9kVWa9t+HYBAFspWcSzdh0dY/+a9YEUm89YS61dvFs/JfUkPQ -F0+34ZmdeA96zPjNOqpVTZCylLv1IsQFEKMx2FpV5Jyl6jjH/1AEKhfXNuzaKW+i -OaFCnx+uXZZuw4ajtrvviHpJU9nx4stJV8at1qBRCNVV3YF+JWglQISWKvgpReqj -goZxQp6M7sm+bXLFEj1fbonOKispjyUXw2ay/ZdJ2B7bXTKVatwbK2qBVLb0jb7C -UScNAgMBAAGjLzAtMAsGA1UdDwQEAwIFIDAeBgNVHREEFzAVghNmb3JlbWFuLmV4 -YW1wbGUuY29tMA0GCSqGSIb3DQEBCwUAA4IBAQBLNGnOv0MbYQmTCOoXmgIE8H7B -ZeGwAIfOpcZERpgr66m1mdfJxU3FPSbEmyWk2S2ms4hOH6EI27I3iNcT9xV1MGMA -KryoMQGx1NjOZGdvljIm0irZD4/GKaCeMT9fBQZPFGTGHb/tcBqyjbnwx5aecydk -nj4vToPrSx3cFuMDkalXeghqPJCZZXV09yX0iHuBiNtYlDc+1IhgligLYB4N/XWM -r2A8pZy3EQF5y+HHDUeI+RzTxZ4G0Ll6+7BvVfvcAjpn2H4TEym4HhBx+7jm6wUK -WiaW2eErfZ+HUlsLLeGxRdsGJDRyXqkvFsEQr+xh5ceJDX7mbsp6PKsZNQxC ------END CERTIFICATE----- diff --git a/spec/fixtures/katello-certs-check/foreman.example.com.key b/spec/fixtures/katello-certs-check/foreman.example.com.key deleted file mode 100644 index 93879931..00000000 --- a/spec/fixtures/katello-certs-check/foreman.example.com.key +++ /dev/null @@ -1,27 +0,0 @@ ------BEGIN RSA PRIVATE KEY----- -MIIEowIBAAKCAQEAy5aIN3FjlvM7UXVFVjt4pkmVZgGmRMfmY1zCx7QuZK7P0c/4 -UIcbCu1CCs16wsGUBGjeiOQI3VhOOt4BrB6RUjAjvLefKla0/ZFVmvbfh2AQBbKV -nEs3YdHWP/mvWBFJvPWEutXbxbPyX1JD0BdPt+GZnXgPesz4zTqqVU2QspS79SLE -BRCjMdhaVeScpeo4x/9QBCoX1zbs2ilvojmhQp8frl2WbsOGo7a774h6SVPZ8eLL -SVfGrdagUQjVVd2BfiVoJUCElir4KUXqo4KGcUKejO7Jvm1yxRI9X26JziorKY8l -F8Nmsv2XSdge210ylWrcGytqgVS29I2+wlEnDQIDAQABAoIBAFNojtI4MFcNu8W5 -x/h2UQ2/o+ew0U/onikjPeHXnhI91ILfM5q6X4fwgFgwqxTTfjL4TAPFeSRGI3bW -sdS0iVEky99rU1hjQa+JNYtRjW7HGolbCxSHdF8tOxvmzcHFA3LZG9H4ABxVhv0q -lQHSKyTo1qi/IYhsJZrfaB2es6OVs9NSqo0/tZ0uCGC15g+8cEJYGX8TBFseMY+X -/HSahRFv4cll9t5TGc381+Ue0CNjx1NDTmLdCkOxDS4PoeEhPE757J0fcBdGbtzv -c54mKFQrUvlAxcYSX/+KBBSrJQ3CsdCbhVZEpo0RoY14VpBdJ8n+rTj9Oeg9+u0b -FnzLL8ECgYEA/4Mwt1up7Dw2OMhSmz8sFdgaqkKw9MZkA/3JW4svpVKGwGnHLob4 -8oOsaSXghF16S52Zm/LMjAgRtWdywogDFXpVIv1oWgSo9MLkEMtpoB7au9gin+JT -G30qQHTS2oSxxh3Ek75Z4Q6rkrjf4aVPxOaECqDgSUoigEp6tfsBRRkCgYEAy/n6 -dcUzgadIVv79UWE6H10dzGqSQZMdzkfj3Pmp4Uera3qX0H7f4Jmi87Xk2s2qH/LR -lo5wtmqzRUT051a8/CK41p9PgchiFzMQl9TWsBsb+v6YuZL0AwQnfbOGhViJgOmR -pcsLPNIG3ILXNiFAPuCNeAdXhBfKbe9LWUAd3BUCgYBNKQH6LS04UMqTBTOk/EPE -6PjMd81Wbd7gMbCv+21NAIn+6zKiQ1JEci0Lp8uQTWZUFWjA5maM1xb58B6AznAX -+VRid6IepQ+csooK5FKmbwrg9RknrUIpp/etdVoDcVT6Hh0x/KbJxxNbAIdjbfeT -34T6bLCukTuwAE3kTMOKaQKBgQCMrgwfzbKIaWdrGNJ9niEIIKC8q4PT1jNoYgy2 -CzsvNM71gcfS9K5TqaLJk1oTzmTXRBFpVTRHm6+oxrZiF2CgRRJWc+nSCPIeLgnz -rcekDg5uPcn3s3K34dWazIaq0TWEw5LAVhmaCQDSdSsZGjXFJ/pqHiYt5Hqo97Fw -DNiLQQKBgHKxhsLIW1DIeHgbrwoYm33NhY+taCRyU7aqUjYGk74tO9Qe2H5HbXjD -xxrC20a8xStKAv+GdvxZhQtBg0q83av1n/puAFk9rAy/nP7ah/P03Es6vKHj+dec -GRubG6+SCqbIqsZSjC1ylbioO5GueAjg+GYI5a2NtAiXUQ1fAgax ------END RSA PRIVATE KEY----- diff --git a/spec/katello_certs_check_spec.rb b/spec/katello_certs_check_spec.rb index c09412b1..69cbe659 100644 --- a/spec/katello_certs_check_spec.rb +++ b/spec/katello_certs_check_spec.rb @@ -5,35 +5,39 @@ # badkey passphrase is 'foreman' describe 'katello-certs-check' do - let(:command) { File.join(__dir__, '..', 'bin', 'katello-certs-check') } - let(:directory) { File.join(FIXTURE_DIR, 'katello-certs-check') } - let(:ca) { File.join(directory, 'cacert.crt') } - let(:key) { File.join(directory, 'foreman.example.com.key') } - let(:cert) { File.join(directory, 'foreman.example.com.crt') } - let(:badkey) { File.join(directory, 'key_pass.key') } - def fixture(filename) File.read(File.join(directory, filename)).gsub('|COMMAND|', command) end - it 'without parameters' do - stdout, stderr, status = Open3.capture3(command) - expect(stderr).to eq fixture('missing-parameter.txt') - expect(stdout).to eq '' - expect(status.exitstatus).to eq 1 - end + let(:command) { File.join(__dir__, '..', 'bin', 'katello-certs-check') } + let(:directory) { File.join(FIXTURE_DIR, 'katello-certs-check') } + let(:certs_directory) { File.join(directory, 'certs') } + let(:ca) { File.join(certs_directory, 'ca.crt') } - it 'completes correctly' do - command_with_certs = "#{command} -b #{ca} -k #{key} -c #{cert}" - _stdout, stderr, status = Open3.capture3(command_with_certs) - expect(stderr).to eq '' - expect(status.exitstatus).to eq 0 - end + context 'with valid certificates' do + let(:key) { File.join(certs_directory, 'foreman.example.com.key') } + let(:cert) { File.join(certs_directory, 'foreman.example.com.crt') } + let(:badkey) { File.join(directory, 'key_pass.key') } + + it 'without parameters' do + stdout, stderr, status = Open3.capture3(command) + expect(stderr).to eq fixture('missing-parameter.txt') + expect(stdout).to eq '' + expect(status.exitstatus).to eq 1 + end + + it 'completes correctly' do + command_with_certs = "#{command} -b #{ca} -k #{key} -c #{cert}" + _stdout, stderr, status = Open3.capture3(command_with_certs) + expect(stderr).to eq '' + expect(status.exitstatus).to eq 0 + end - it 'with password on key' do - command_with_certs = "#{command} -b #{ca} -k #{badkey} -c #{cert}" - _stdout, stderr, status = Open3.capture3(command_with_certs) - expect(stderr).to eq "The #{badkey} contains a passphrase, remove the key's passphrase by doing: \nmv #{badkey} #{badkey}.old \nopenssl rsa -in #{badkey}.old -out #{badkey}\n" - expect(status.exitstatus).to eq 1 + it 'with password on key' do + command_with_certs = "#{command} -b #{ca} -k #{badkey} -c #{cert}" + _stdout, stderr, status = Open3.capture3(command_with_certs) + expect(stderr).to eq "The #{badkey} contains a passphrase, remove the key's passphrase by doing: \nmv #{badkey} #{badkey}.old \nopenssl rsa -in #{badkey}.old -out #{badkey}\n" + expect(status.exitstatus).to eq 1 + end end end