From 5f5e172cd2392952162398c85b07e6f6b7e69398 Mon Sep 17 00:00:00 2001 From: Thomas Vanbesien Date: Wed, 18 Feb 2026 22:30:06 +0100 Subject: Move certificates into per-test directories Each secure test now has its own certs/ subfolder with per-identity subdirectories and a single shared trust store. Configs reference paths relative to the project root (e.g. tests/secure_anonymous/ certs/ServerLDS/cert.der). Cert generation logic removed from test scripts since certs are now pre-generated and committed. --- .gitignore | 3 -- readme.md | 57 +++++---------------- tests/run_download_cert_test.sh | 22 +------- tests/run_test.sh | 19 ------- tests/secure_anonymous/certs/Client/cert.der | Bin 0 -> 913 bytes tests/secure_anonymous/certs/Client/key.der | Bin 0 -> 1218 bytes tests/secure_anonymous/certs/ServerLDS/cert.der | Bin 0 -> 922 bytes tests/secure_anonymous/certs/ServerLDS/key.der | Bin 0 -> 1217 bytes .../secure_anonymous/certs/ServerRegister/cert.der | Bin 0 -> 937 bytes .../secure_anonymous/certs/ServerRegister/key.der | Bin 0 -> 1217 bytes .../certs/ServerRegisterClient/cert.der | Bin 0 -> 955 bytes .../certs/ServerRegisterClient/key.der | Bin 0 -> 1216 bytes tests/secure_anonymous/certs/trust/Client_cert.der | Bin 0 -> 913 bytes .../certs/trust/ServerLDS_cert.der | Bin 0 -> 922 bytes .../certs/trust/ServerRegisterClient_cert.der | Bin 0 -> 955 bytes .../certs/trust/ServerRegister_cert.der | Bin 0 -> 937 bytes tests/secure_anonymous/client.conf | 6 +-- tests/secure_anonymous/server_lds.conf | 6 +-- tests/secure_anonymous/server_register.conf | 6 +-- tests/secure_anonymous/server_register_client.conf | 6 +-- tests/secure_cert/certs/Client/cert.der | Bin 0 -> 913 bytes tests/secure_cert/certs/Client/key.der | Bin 0 -> 1218 bytes tests/secure_cert/certs/ServerLDS/cert.der | Bin 0 -> 922 bytes tests/secure_cert/certs/ServerLDS/key.der | Bin 0 -> 1217 bytes tests/secure_cert/certs/ServerRegister/cert.der | Bin 0 -> 937 bytes tests/secure_cert/certs/ServerRegister/key.der | Bin 0 -> 1217 bytes .../certs/ServerRegisterClient/cert.der | Bin 0 -> 955 bytes .../secure_cert/certs/ServerRegisterClient/key.der | Bin 0 -> 1216 bytes tests/secure_cert/certs/trust/Client_cert.der | Bin 0 -> 913 bytes tests/secure_cert/certs/trust/ServerLDS_cert.der | Bin 0 -> 922 bytes .../certs/trust/ServerRegisterClient_cert.der | Bin 0 -> 955 bytes .../certs/trust/ServerRegister_cert.der | Bin 0 -> 937 bytes tests/secure_cert/client.conf | 6 +-- tests/secure_cert/server_lds.conf | 6 +-- tests/secure_cert/server_register.conf | 6 +-- tests/secure_cert/server_register_client.conf | 6 +-- tests/secure_user/certs/Client/cert.der | Bin 0 -> 913 bytes tests/secure_user/certs/Client/key.der | Bin 0 -> 1218 bytes tests/secure_user/certs/ServerLDS/cert.der | Bin 0 -> 922 bytes tests/secure_user/certs/ServerLDS/key.der | Bin 0 -> 1217 bytes tests/secure_user/certs/ServerRegister/cert.der | Bin 0 -> 937 bytes tests/secure_user/certs/ServerRegister/key.der | Bin 0 -> 1217 bytes .../certs/ServerRegisterClient/cert.der | Bin 0 -> 955 bytes .../secure_user/certs/ServerRegisterClient/key.der | Bin 0 -> 1216 bytes tests/secure_user/certs/trust/Client_cert.der | Bin 0 -> 913 bytes tests/secure_user/certs/trust/ServerLDS_cert.der | Bin 0 -> 922 bytes .../certs/trust/ServerRegisterClient_cert.der | Bin 0 -> 955 bytes .../certs/trust/ServerRegister_cert.der | Bin 0 -> 937 bytes tests/secure_user/client.conf | 6 +-- tests/secure_user/server_lds.conf | 6 +-- tests/secure_user/server_register.conf | 6 +-- tests/secure_user/server_register_client.conf | 6 +-- 52 files changed, 52 insertions(+), 121 deletions(-) create mode 100644 tests/secure_anonymous/certs/Client/cert.der create mode 100644 tests/secure_anonymous/certs/Client/key.der create mode 100644 tests/secure_anonymous/certs/ServerLDS/cert.der create mode 100644 tests/secure_anonymous/certs/ServerLDS/key.der create mode 100644 tests/secure_anonymous/certs/ServerRegister/cert.der create mode 100644 tests/secure_anonymous/certs/ServerRegister/key.der create mode 100644 tests/secure_anonymous/certs/ServerRegisterClient/cert.der create mode 100644 tests/secure_anonymous/certs/ServerRegisterClient/key.der create mode 100644 tests/secure_anonymous/certs/trust/Client_cert.der create mode 100644 tests/secure_anonymous/certs/trust/ServerLDS_cert.der create mode 100644 tests/secure_anonymous/certs/trust/ServerRegisterClient_cert.der create mode 100644 tests/secure_anonymous/certs/trust/ServerRegister_cert.der create mode 100644 tests/secure_cert/certs/Client/cert.der create mode 100644 tests/secure_cert/certs/Client/key.der create mode 100644 tests/secure_cert/certs/ServerLDS/cert.der create mode 100644 tests/secure_cert/certs/ServerLDS/key.der create mode 100644 tests/secure_cert/certs/ServerRegister/cert.der create mode 100644 tests/secure_cert/certs/ServerRegister/key.der create mode 100644 tests/secure_cert/certs/ServerRegisterClient/cert.der create mode 100644 tests/secure_cert/certs/ServerRegisterClient/key.der create mode 100644 tests/secure_cert/certs/trust/Client_cert.der create mode 100644 tests/secure_cert/certs/trust/ServerLDS_cert.der create mode 100644 tests/secure_cert/certs/trust/ServerRegisterClient_cert.der create mode 100644 tests/secure_cert/certs/trust/ServerRegister_cert.der create mode 100644 tests/secure_user/certs/Client/cert.der create mode 100644 tests/secure_user/certs/Client/key.der create mode 100644 tests/secure_user/certs/ServerLDS/cert.der create mode 100644 tests/secure_user/certs/ServerLDS/key.der create mode 100644 tests/secure_user/certs/ServerRegister/cert.der create mode 100644 tests/secure_user/certs/ServerRegister/key.der create mode 100644 tests/secure_user/certs/ServerRegisterClient/cert.der create mode 100644 tests/secure_user/certs/ServerRegisterClient/key.der create mode 100644 tests/secure_user/certs/trust/Client_cert.der create mode 100644 tests/secure_user/certs/trust/ServerLDS_cert.der create mode 100644 tests/secure_user/certs/trust/ServerRegisterClient_cert.der create mode 100644 tests/secure_user/certs/trust/ServerRegister_cert.der diff --git a/.gitignore b/.gitignore index 2bef7c5..2767e20 100644 --- a/.gitignore +++ b/.gitignore @@ -7,9 +7,6 @@ compile_commands.json # Editor / IDE caches .cache/ -# Certificates (generated, contain private keys) -certs/ - # Claude Code local state .claude/ diff --git a/readme.md b/readme.md index f6a7916..bc5d4c0 100644 --- a/readme.md +++ b/readme.md @@ -5,7 +5,7 @@ A small C project that demonstrates OPC UA server discovery using the - **ServerLDS** — Local Discovery Server that other servers register with - **ServerRegister** — a server that periodically registers itself with the LDS -- **Client** — queries the LDS for servers, lists endpoints, or reads the current time from a server +- **Client** — queries the LDS for servers, lists endpoints, reads the current time, or downloads a server's certificate ## Prerequisites @@ -23,52 +23,19 @@ git clone --recursive https://git.tvcloud.fr/opcua_c cd opcua_c ``` -### Generate certificates +### Certificates -The programs use TLS certificates for mutual authentication. ServerLDS and -ServerRegister can also run without certificates (SecurityPolicy#None only) by +Test certificates are pre-generated and committed under each test directory +(e.g. `tests/secure_anonymous/certs/`). Each secure test has per-identity +subdirectories (`ServerLDS/`, `ServerRegister/`, `ServerRegisterClient/`, +`Client/`) containing `cert.der` and `key.der`, plus a shared `trust/` +directory with all certificates. + +Programs can also run without certificates (SecurityPolicy#None only) by omitting the `certificate`, `privateKey`, and `trustStore` keys from their config files. -For encrypted operation, four identities are needed. Each call to -`tools/generate_certificate.sh` creates a self-signed RSA-2048 certificate -(`_cert.der`) and private key (`_key.der`) in the given directory: - -```sh -tools/generate_certificate.sh certs ServerLDS -tools/generate_certificate.sh certs ServerRegister -tools/generate_certificate.sh certs ServerRegisterClient -tools/generate_certificate.sh certs Client -``` - -| Identity | Used by | Purpose | -|----------|---------|---------| -| `ServerLDS` | ServerLDS | Server certificate for the LDS | -| `ServerRegister` | ServerRegister | Server certificate for the registering server | -| `ServerRegisterClient` | ServerRegister | Client certificate used when connecting to the LDS | -| `Client` | Client | Client certificate for all client operations | - -### Populate the trust stores - -OPC UA applications only accept connections from peers whose certificate is in -their trust store. Create the trust store directories and symlink each peer's -certificate: - -```sh -mkdir -p certs/trust/{server_lds,server_register,server_register_client,client} - -ln -s ../../ServerRegisterClient_cert.der ../../Client_cert.der \ - certs/trust/server_lds/ - -ln -s ../../ServerLDS_cert.der ../../Client_cert.der \ - certs/trust/server_register/ - -ln -s ../../ServerLDS_cert.der \ - certs/trust/server_register_client/ - -ln -s ../../ServerLDS_cert.der ../../ServerRegister_cert.der \ - certs/trust/client/ -``` +To generate new certificates, use `tools/generate_certificate.sh [uri]`. ### Build @@ -102,6 +69,9 @@ build/Client tests/secure_user/client.conf get-endpoints opc.tcp://localhost:148 # 5. Read the current time from the registered server build/Client tests/secure_user/client.conf read-time opc.tcp://localhost:14841 + +# 6. Download the server's certificate to a local file +build/Client tests/secure_user/client.conf download-cert opc.tcp://localhost:14841 server.der ``` All three programs accept an optional log level as the last argument @@ -117,6 +87,7 @@ Integration tests exercise four combinations of security and authentication: | `secure_anonymous` | SignAndEncrypt / Aes256_Sha256_RsaPss | anonymous | | `secure_user` | SignAndEncrypt / Aes256_Sha256_RsaPss | user/password | | `secure_cert` | SignAndEncrypt / Aes256_Sha256_RsaPss | X509 certificate | +| `download_cert` | SignAndEncrypt / Aes256_Sha256_RsaPss | anonymous (download-cert) | Run all tests: diff --git a/tests/run_download_cert_test.sh b/tests/run_download_cert_test.sh index 9bcc750..f20609c 100755 --- a/tests/run_download_cert_test.sh +++ b/tests/run_download_cert_test.sh @@ -20,24 +20,6 @@ TMPFILE="" DOWNLOADED_CERT="" FAILURES=0 -# ── ensure certificates exist ───────────────────────────────── -CERT_DIR=certs -GEN_CERT=tools/generate_certificate.sh - -for identity in ServerLDS Client; do - if [ ! -f "$CERT_DIR/${identity}_cert.der" ]; then - "$GEN_CERT" "$CERT_DIR" "$identity" - fi -done - -for store in server_lds client; do - mkdir -p "$CERT_DIR/trust/$store" - for identity in ServerLDS Client; do - cert="$CERT_DIR/${identity}_cert.der" - [ -f "$cert" ] && cp -n "$cert" "$CERT_DIR/trust/$store/" - done -done - # ── cleanup ──────────────────────────────────────────────────── cleanup() { [ -n "$LDS_PID" ] && kill "$LDS_PID" 2>/dev/null && wait "$LDS_PID" 2>/dev/null @@ -100,8 +82,8 @@ echo "$DC_OUTPUT" | grep -q "Certificate saved to" check "download-cert output contains 'Certificate saved to'" $? # ── compare with original ───────────────────────────────────── -cmp -s "$DOWNLOADED_CERT" "certs/ServerLDS_cert.der" -check "downloaded certificate matches certs/ServerLDS_cert.der" $? +cmp -s "$DOWNLOADED_CERT" "$CONFIG_DIR/certs/ServerLDS/cert.der" +check "downloaded certificate matches $CONFIG_DIR/certs/ServerLDS/cert.der" $? # ── result ───────────────────────────────────────────────────── if [ "$FAILURES" -ne 0 ]; then diff --git a/tests/run_test.sh b/tests/run_test.sh index 2767919..fc44ad6 100755 --- a/tests/run_test.sh +++ b/tests/run_test.sh @@ -28,25 +28,6 @@ SR_PID="" TMPFILE="" FAILURES=0 -# ── ensure certificates exist ───────────────────────────────── -CERT_DIR=certs -GEN_CERT=tools/generate_certificate.sh - -for identity in ServerLDS ServerRegister ServerRegisterClient Client; do - if [ ! -f "$CERT_DIR/${identity}_cert.der" ]; then - "$GEN_CERT" "$CERT_DIR" "$identity" - fi -done - -# Populate trust stores: each identity trusts every other identity. -for store in server_lds server_register server_register_client client; do - mkdir -p "$CERT_DIR/trust/$store" - for identity in ServerLDS ServerRegister ServerRegisterClient Client; do - cert="$CERT_DIR/${identity}_cert.der" - [ -f "$cert" ] && cp -n "$cert" "$CERT_DIR/trust/$store/" - done -done - # ── cleanup ──────────────────────────────────────────────────── cleanup() { [ -n "$LDS_PID" ] && kill "$LDS_PID" 2>/dev/null && wait "$LDS_PID" 2>/dev/null diff --git a/tests/secure_anonymous/certs/Client/cert.der b/tests/secure_anonymous/certs/Client/cert.der new file mode 100644 index 0000000..b4661db Binary files /dev/null and b/tests/secure_anonymous/certs/Client/cert.der differ diff --git a/tests/secure_anonymous/certs/Client/key.der b/tests/secure_anonymous/certs/Client/key.der new file mode 100644 index 0000000..4ac4469 Binary files /dev/null and b/tests/secure_anonymous/certs/Client/key.der differ diff --git a/tests/secure_anonymous/certs/ServerLDS/cert.der b/tests/secure_anonymous/certs/ServerLDS/cert.der new file mode 100644 index 0000000..7460975 Binary files /dev/null and b/tests/secure_anonymous/certs/ServerLDS/cert.der differ diff --git a/tests/secure_anonymous/certs/ServerLDS/key.der b/tests/secure_anonymous/certs/ServerLDS/key.der new file mode 100644 index 0000000..bb917eb Binary files /dev/null and b/tests/secure_anonymous/certs/ServerLDS/key.der differ diff --git a/tests/secure_anonymous/certs/ServerRegister/cert.der b/tests/secure_anonymous/certs/ServerRegister/cert.der new file mode 100644 index 0000000..5b8a6bd Binary files /dev/null and b/tests/secure_anonymous/certs/ServerRegister/cert.der differ diff --git a/tests/secure_anonymous/certs/ServerRegister/key.der b/tests/secure_anonymous/certs/ServerRegister/key.der new file mode 100644 index 0000000..83669b7 Binary files /dev/null and b/tests/secure_anonymous/certs/ServerRegister/key.der differ diff --git a/tests/secure_anonymous/certs/ServerRegisterClient/cert.der b/tests/secure_anonymous/certs/ServerRegisterClient/cert.der new file mode 100644 index 0000000..cf62a2c Binary files /dev/null and b/tests/secure_anonymous/certs/ServerRegisterClient/cert.der differ diff --git a/tests/secure_anonymous/certs/ServerRegisterClient/key.der b/tests/secure_anonymous/certs/ServerRegisterClient/key.der new file mode 100644 index 0000000..8f44211 Binary files /dev/null and b/tests/secure_anonymous/certs/ServerRegisterClient/key.der differ diff --git a/tests/secure_anonymous/certs/trust/Client_cert.der b/tests/secure_anonymous/certs/trust/Client_cert.der new file mode 100644 index 0000000..b4661db Binary files /dev/null and b/tests/secure_anonymous/certs/trust/Client_cert.der differ diff --git a/tests/secure_anonymous/certs/trust/ServerLDS_cert.der b/tests/secure_anonymous/certs/trust/ServerLDS_cert.der new file mode 100644 index 0000000..7460975 Binary files /dev/null and b/tests/secure_anonymous/certs/trust/ServerLDS_cert.der differ diff --git a/tests/secure_anonymous/certs/trust/ServerRegisterClient_cert.der b/tests/secure_anonymous/certs/trust/ServerRegisterClient_cert.der new file mode 100644 index 0000000..cf62a2c Binary files /dev/null and b/tests/secure_anonymous/certs/trust/ServerRegisterClient_cert.der differ diff --git a/tests/secure_anonymous/certs/trust/ServerRegister_cert.der b/tests/secure_anonymous/certs/trust/ServerRegister_cert.der new file mode 100644 index 0000000..5b8a6bd Binary files /dev/null and b/tests/secure_anonymous/certs/trust/ServerRegister_cert.der differ diff --git a/tests/secure_anonymous/client.conf b/tests/secure_anonymous/client.conf index 2a059fa..4cfc7c2 100644 --- a/tests/secure_anonymous/client.conf +++ b/tests/secure_anonymous/client.conf @@ -2,9 +2,9 @@ applicationUri = urn:localhost:bobink:Client -certificate = certs/Client_cert.der -privateKey = certs/Client_key.der -trustStore = certs/trust/client +certificate = tests/secure_anonymous/certs/Client/cert.der +privateKey = tests/secure_anonymous/certs/Client/key.der +trustStore = tests/secure_anonymous/certs/trust securityMode = SignAndEncrypt securityPolicy = Aes256_Sha256_RsaPss diff --git a/tests/secure_anonymous/server_lds.conf b/tests/secure_anonymous/server_lds.conf index f92b803..8d86c7f 100644 --- a/tests/secure_anonymous/server_lds.conf +++ b/tests/secure_anonymous/server_lds.conf @@ -4,9 +4,9 @@ port = 14840 applicationUri = urn:localhost:bobink:ServerLDS -certificate = certs/ServerLDS_cert.der -privateKey = certs/ServerLDS_key.der -trustStore = certs/trust/server_lds +certificate = tests/secure_anonymous/certs/ServerLDS/cert.der +privateKey = tests/secure_anonymous/certs/ServerLDS/key.der +trustStore = tests/secure_anonymous/certs/trust authMode = anonymous diff --git a/tests/secure_anonymous/server_register.conf b/tests/secure_anonymous/server_register.conf index 31df277..b559526 100644 --- a/tests/secure_anonymous/server_register.conf +++ b/tests/secure_anonymous/server_register.conf @@ -3,9 +3,9 @@ port = 14841 applicationUri = urn:localhost:bobink:ServerRegister -certificate = certs/ServerRegister_cert.der -privateKey = certs/ServerRegister_key.der -trustStore = certs/trust/server_register +certificate = tests/secure_anonymous/certs/ServerRegister/cert.der +privateKey = tests/secure_anonymous/certs/ServerRegister/key.der +trustStore = tests/secure_anonymous/certs/trust authMode = anonymous diff --git a/tests/secure_anonymous/server_register_client.conf b/tests/secure_anonymous/server_register_client.conf index e7c34c7..183be16 100644 --- a/tests/secure_anonymous/server_register_client.conf +++ b/tests/secure_anonymous/server_register_client.conf @@ -3,9 +3,9 @@ applicationUri = urn:localhost:bobink:ServerRegister -certificate = certs/ServerRegisterClient_cert.der -privateKey = certs/ServerRegisterClient_key.der -trustStore = certs/trust/server_register_client +certificate = tests/secure_anonymous/certs/ServerRegisterClient/cert.der +privateKey = tests/secure_anonymous/certs/ServerRegisterClient/key.der +trustStore = tests/secure_anonymous/certs/trust securityMode = SignAndEncrypt securityPolicy = Aes256_Sha256_RsaPss diff --git a/tests/secure_cert/certs/Client/cert.der b/tests/secure_cert/certs/Client/cert.der new file mode 100644 index 0000000..b4661db Binary files /dev/null and b/tests/secure_cert/certs/Client/cert.der differ diff --git a/tests/secure_cert/certs/Client/key.der b/tests/secure_cert/certs/Client/key.der new file mode 100644 index 0000000..4ac4469 Binary files /dev/null and b/tests/secure_cert/certs/Client/key.der differ diff --git a/tests/secure_cert/certs/ServerLDS/cert.der b/tests/secure_cert/certs/ServerLDS/cert.der new file mode 100644 index 0000000..7460975 Binary files /dev/null and b/tests/secure_cert/certs/ServerLDS/cert.der differ diff --git a/tests/secure_cert/certs/ServerLDS/key.der b/tests/secure_cert/certs/ServerLDS/key.der new file mode 100644 index 0000000..bb917eb Binary files /dev/null and b/tests/secure_cert/certs/ServerLDS/key.der differ diff --git a/tests/secure_cert/certs/ServerRegister/cert.der b/tests/secure_cert/certs/ServerRegister/cert.der new file mode 100644 index 0000000..5b8a6bd Binary files /dev/null and b/tests/secure_cert/certs/ServerRegister/cert.der differ diff --git a/tests/secure_cert/certs/ServerRegister/key.der b/tests/secure_cert/certs/ServerRegister/key.der new file mode 100644 index 0000000..83669b7 Binary files /dev/null and b/tests/secure_cert/certs/ServerRegister/key.der differ diff --git a/tests/secure_cert/certs/ServerRegisterClient/cert.der b/tests/secure_cert/certs/ServerRegisterClient/cert.der new file mode 100644 index 0000000..cf62a2c Binary files /dev/null and b/tests/secure_cert/certs/ServerRegisterClient/cert.der differ diff --git a/tests/secure_cert/certs/ServerRegisterClient/key.der b/tests/secure_cert/certs/ServerRegisterClient/key.der new file mode 100644 index 0000000..8f44211 Binary files /dev/null and b/tests/secure_cert/certs/ServerRegisterClient/key.der differ diff --git a/tests/secure_cert/certs/trust/Client_cert.der b/tests/secure_cert/certs/trust/Client_cert.der new file mode 100644 index 0000000..b4661db Binary files /dev/null and b/tests/secure_cert/certs/trust/Client_cert.der differ diff --git a/tests/secure_cert/certs/trust/ServerLDS_cert.der b/tests/secure_cert/certs/trust/ServerLDS_cert.der new file mode 100644 index 0000000..7460975 Binary files /dev/null and b/tests/secure_cert/certs/trust/ServerLDS_cert.der differ diff --git a/tests/secure_cert/certs/trust/ServerRegisterClient_cert.der b/tests/secure_cert/certs/trust/ServerRegisterClient_cert.der new file mode 100644 index 0000000..cf62a2c Binary files /dev/null and b/tests/secure_cert/certs/trust/ServerRegisterClient_cert.der differ diff --git a/tests/secure_cert/certs/trust/ServerRegister_cert.der b/tests/secure_cert/certs/trust/ServerRegister_cert.der new file mode 100644 index 0000000..5b8a6bd Binary files /dev/null and b/tests/secure_cert/certs/trust/ServerRegister_cert.der differ diff --git a/tests/secure_cert/client.conf b/tests/secure_cert/client.conf index 68a14aa..b8c7908 100644 --- a/tests/secure_cert/client.conf +++ b/tests/secure_cert/client.conf @@ -3,9 +3,9 @@ applicationUri = urn:localhost:bobink:Client -certificate = certs/Client_cert.der -privateKey = certs/Client_key.der -trustStore = certs/trust/client +certificate = tests/secure_cert/certs/Client/cert.der +privateKey = tests/secure_cert/certs/Client/key.der +trustStore = tests/secure_cert/certs/trust securityMode = SignAndEncrypt securityPolicy = Aes256_Sha256_RsaPss diff --git a/tests/secure_cert/server_lds.conf b/tests/secure_cert/server_lds.conf index ca1f8a6..c863534 100644 --- a/tests/secure_cert/server_lds.conf +++ b/tests/secure_cert/server_lds.conf @@ -4,9 +4,9 @@ port = 14840 applicationUri = urn:localhost:bobink:ServerLDS -certificate = certs/ServerLDS_cert.der -privateKey = certs/ServerLDS_key.der -trustStore = certs/trust/server_lds +certificate = tests/secure_cert/certs/ServerLDS/cert.der +privateKey = tests/secure_cert/certs/ServerLDS/key.der +trustStore = tests/secure_cert/certs/trust authMode = anonymous diff --git a/tests/secure_cert/server_register.conf b/tests/secure_cert/server_register.conf index ba6de55..145857c 100644 --- a/tests/secure_cert/server_register.conf +++ b/tests/secure_cert/server_register.conf @@ -4,9 +4,9 @@ port = 14841 applicationUri = urn:localhost:bobink:ServerRegister -certificate = certs/ServerRegister_cert.der -privateKey = certs/ServerRegister_key.der -trustStore = certs/trust/server_register +certificate = tests/secure_cert/certs/ServerRegister/cert.der +privateKey = tests/secure_cert/certs/ServerRegister/key.der +trustStore = tests/secure_cert/certs/trust authMode = cert diff --git a/tests/secure_cert/server_register_client.conf b/tests/secure_cert/server_register_client.conf index ddba01d..1838958 100644 --- a/tests/secure_cert/server_register_client.conf +++ b/tests/secure_cert/server_register_client.conf @@ -3,9 +3,9 @@ applicationUri = urn:localhost:bobink:ServerRegister -certificate = certs/ServerRegisterClient_cert.der -privateKey = certs/ServerRegisterClient_key.der -trustStore = certs/trust/server_register_client +certificate = tests/secure_cert/certs/ServerRegisterClient/cert.der +privateKey = tests/secure_cert/certs/ServerRegisterClient/key.der +trustStore = tests/secure_cert/certs/trust securityMode = SignAndEncrypt securityPolicy = Aes256_Sha256_RsaPss diff --git a/tests/secure_user/certs/Client/cert.der b/tests/secure_user/certs/Client/cert.der new file mode 100644 index 0000000..b4661db Binary files /dev/null and b/tests/secure_user/certs/Client/cert.der differ diff --git a/tests/secure_user/certs/Client/key.der b/tests/secure_user/certs/Client/key.der new file mode 100644 index 0000000..4ac4469 Binary files /dev/null and b/tests/secure_user/certs/Client/key.der differ diff --git a/tests/secure_user/certs/ServerLDS/cert.der b/tests/secure_user/certs/ServerLDS/cert.der new file mode 100644 index 0000000..7460975 Binary files /dev/null and b/tests/secure_user/certs/ServerLDS/cert.der differ diff --git a/tests/secure_user/certs/ServerLDS/key.der b/tests/secure_user/certs/ServerLDS/key.der new file mode 100644 index 0000000..bb917eb Binary files /dev/null and b/tests/secure_user/certs/ServerLDS/key.der differ diff --git a/tests/secure_user/certs/ServerRegister/cert.der b/tests/secure_user/certs/ServerRegister/cert.der new file mode 100644 index 0000000..5b8a6bd Binary files /dev/null and b/tests/secure_user/certs/ServerRegister/cert.der differ diff --git a/tests/secure_user/certs/ServerRegister/key.der b/tests/secure_user/certs/ServerRegister/key.der new file mode 100644 index 0000000..83669b7 Binary files /dev/null and b/tests/secure_user/certs/ServerRegister/key.der differ diff --git a/tests/secure_user/certs/ServerRegisterClient/cert.der b/tests/secure_user/certs/ServerRegisterClient/cert.der new file mode 100644 index 0000000..cf62a2c Binary files /dev/null and b/tests/secure_user/certs/ServerRegisterClient/cert.der differ diff --git a/tests/secure_user/certs/ServerRegisterClient/key.der b/tests/secure_user/certs/ServerRegisterClient/key.der new file mode 100644 index 0000000..8f44211 Binary files /dev/null and b/tests/secure_user/certs/ServerRegisterClient/key.der differ diff --git a/tests/secure_user/certs/trust/Client_cert.der b/tests/secure_user/certs/trust/Client_cert.der new file mode 100644 index 0000000..b4661db Binary files /dev/null and b/tests/secure_user/certs/trust/Client_cert.der differ diff --git a/tests/secure_user/certs/trust/ServerLDS_cert.der b/tests/secure_user/certs/trust/ServerLDS_cert.der new file mode 100644 index 0000000..7460975 Binary files /dev/null and b/tests/secure_user/certs/trust/ServerLDS_cert.der differ diff --git a/tests/secure_user/certs/trust/ServerRegisterClient_cert.der b/tests/secure_user/certs/trust/ServerRegisterClient_cert.der new file mode 100644 index 0000000..cf62a2c Binary files /dev/null and b/tests/secure_user/certs/trust/ServerRegisterClient_cert.der differ diff --git a/tests/secure_user/certs/trust/ServerRegister_cert.der b/tests/secure_user/certs/trust/ServerRegister_cert.der new file mode 100644 index 0000000..5b8a6bd Binary files /dev/null and b/tests/secure_user/certs/trust/ServerRegister_cert.der differ diff --git a/tests/secure_user/client.conf b/tests/secure_user/client.conf index 5059ca9..1ce4452 100644 --- a/tests/secure_user/client.conf +++ b/tests/secure_user/client.conf @@ -2,9 +2,9 @@ applicationUri = urn:localhost:bobink:Client -certificate = certs/Client_cert.der -privateKey = certs/Client_key.der -trustStore = certs/trust/client +certificate = tests/secure_user/certs/Client/cert.der +privateKey = tests/secure_user/certs/Client/key.der +trustStore = tests/secure_user/certs/trust securityMode = SignAndEncrypt securityPolicy = Aes256_Sha256_RsaPss diff --git a/tests/secure_user/server_lds.conf b/tests/secure_user/server_lds.conf index 3babf37..39ca4d1 100644 --- a/tests/secure_user/server_lds.conf +++ b/tests/secure_user/server_lds.conf @@ -4,9 +4,9 @@ port = 14840 applicationUri = urn:localhost:bobink:ServerLDS -certificate = certs/ServerLDS_cert.der -privateKey = certs/ServerLDS_key.der -trustStore = certs/trust/server_lds +certificate = tests/secure_user/certs/ServerLDS/cert.der +privateKey = tests/secure_user/certs/ServerLDS/key.der +trustStore = tests/secure_user/certs/trust authMode = anonymous diff --git a/tests/secure_user/server_register.conf b/tests/secure_user/server_register.conf index 65e69d8..d0efa16 100644 --- a/tests/secure_user/server_register.conf +++ b/tests/secure_user/server_register.conf @@ -3,9 +3,9 @@ port = 14841 applicationUri = urn:localhost:bobink:ServerRegister -certificate = certs/ServerRegister_cert.der -privateKey = certs/ServerRegister_key.der -trustStore = certs/trust/server_register +certificate = tests/secure_user/certs/ServerRegister/cert.der +privateKey = tests/secure_user/certs/ServerRegister/key.der +trustStore = tests/secure_user/certs/trust authMode = user username = user diff --git a/tests/secure_user/server_register_client.conf b/tests/secure_user/server_register_client.conf index b2edd24..148bab3 100644 --- a/tests/secure_user/server_register_client.conf +++ b/tests/secure_user/server_register_client.conf @@ -3,9 +3,9 @@ applicationUri = urn:localhost:bobink:ServerRegister -certificate = certs/ServerRegisterClient_cert.der -privateKey = certs/ServerRegisterClient_key.der -trustStore = certs/trust/server_register_client +certificate = tests/secure_user/certs/ServerRegisterClient/cert.der +privateKey = tests/secure_user/certs/ServerRegisterClient/key.der +trustStore = tests/secure_user/certs/trust securityMode = SignAndEncrypt securityPolicy = Aes256_Sha256_RsaPss -- cgit v1.2.3