/**
 * Points the test's keystore and SSL-config directories at their test
 * locations and generates the SSL test configuration into {@code conf}.
 *
 * @param conf configuration handed to KeyStoreTestUtil.setupSSLConfig
 * @throws Exception if the SSL test material cannot be set up
 */
private void setupSSLConfig(YarnConfiguration conf) throws Exception {
  keystoresDir = TestGenericTestUtils.getTestDir().getAbsolutePath();
  sslConfDir = KeyStoreTestUtil.getClasspathDir(TestTimelineClient.class);

  // Fourth argument of the helper is the client-certificate switch; this test
  // runs without a client certificate.
  final boolean useClientCert = false;
  KeyStoreTestUtil.setupSSLConfig(keystoresDir, sslConfDir, conf, useClientCert);
}
/**
 * Runs both before and after every test: resolves the SSL config directory
 * for TestSSLFactory and asks KeyStoreTestUtil to clean up the SSL test
 * configuration, so no test starts from (or leaves behind) stale material.
 *
 * @throws Exception if the cleanup helper fails
 */
@After
@Before
public void cleanUp() throws Exception {
  final String confDir = KeyStoreTestUtil.getClasspathDir(TestSSLFactory.class);
  sslConfsDir = confDir;
  KeyStoreTestUtil.cleanupSSLConfig(KEYSTORES_DIR, confDir);
}
// Excerpt: builds client and server identities, a shared truststore, and the
// two SSL configuration files. The enclosing method is not visible here, so
// any conditions around these statements cannot be seen from this excerpt.

// Client identity: fresh RSA key pair and a certificate for "CN=localhost, O=client".
KeyPair cKP = KeyStoreTestUtil.generateKeyPair("RSA");
// NOTE(review): "SHA1withRSA" signs this test certificate with SHA-1. That is
// tolerable for a throwaway fixture, but a runtime whose security policy
// disables SHA-1 signatures may reject it; "SHA256withRSA" is the usual
// replacement — confirm generateCertificate accepts it.
// The 30 is presumably the validity period in days — confirm against generateCertificate.
X509Certificate cCert = KeyStoreTestUtil.generateCertificate("CN=localhost, O=client", cKP, 30, "SHA1withRSA");
// Private key and certificate go into the client keystore under alias "client".
KeyStoreTestUtil.createKeyStore(clientKS, clientPassword, "client", cKP.getPrivate(), cCert);
// Remember the certificate so it can be added to the truststore below.
certs.put("client", cCert);

// Server identity: same steps with its own key pair, subject and keystore.
KeyPair sKP = KeyStoreTestUtil.generateKeyPair("RSA");
X509Certificate sCert = KeyStoreTestUtil.generateCertificate("CN=localhost, O=server", sKP, 30, "SHA1withRSA");
KeyStoreTestUtil.createKeyStore(serverKS, serverPassword, "server", sKP.getPrivate(), sCert);
certs.put("server", sCert);

// One truststore holding every certificate collected in certs.
KeyStoreTestUtil.createTrustStore(trustKS, trustPassword, certs);

// Each password is passed twice — presumably once as the keystore password
// and once as the key password; verify against the helper signatures.
Configuration clientSSLConf = createClientSSLConfig(clientKS, clientPassword, clientPassword, trustKS);
Configuration serverSSLConf = createServerSSLConfig(serverKS, serverPassword, serverPassword, trustKS);

// Persist both configurations to their files.
saveConfig(sslClientConfFile, clientSSLConf);
saveConfig(sslServerConfFile, serverSSLConf);
/**
 * Creates a truststore that contains exactly one trusted certificate.
 *
 * @param filename destination passed to saveKeyStore
 * @param password store password passed to saveKeyStore
 * @param alias alias under which the certificate is registered
 * @param cert certificate to trust
 * @throws GeneralSecurityException if the keystore operations fail
 * @throws IOException if the store cannot be written
 */
public static void createTrustStore(String filename, String password,
    String alias, Certificate cert)
    throws GeneralSecurityException, IOException {
  final KeyStore trusted = createEmptyKeyStore();
  // Certificate-only entry: no private key is stored in a truststore.
  trusted.setCertificateEntry(alias, cert);
  saveKeyStore(trusted, filename, password);
}
/**
 * Prepares everything an SSLFactory test needs: keys, certificates,
 * keystores, truststores, the server and client SSL configuration files, and
 * the master configuration the SSLFactory reads.
 *
 * <p>Convenience overload that delegates to the five-argument variant with
 * its last flag set to {@code true}.
 *
 * @param keystoresDir String directory to save keystores
 * @param sslConfDir String directory to save SSL configuration files
 * @param conf Configuration master configuration to be used by an SSLFactory,
 *     which will be mutated by this method
 * @param useClientCert boolean true to make the client present a cert in the
 *     SSL handshake
 * @throws Exception if the delegated setup fails
 */
public static void setupSSLConfig(String keystoresDir, String sslConfDir,
    Configuration conf, boolean useClientCert) throws Exception {
  final boolean lastFlag = true;
  setupSSLConfig(keystoresDir, sslConfDir, conf, useClientCert, lastFlag);
}
/**
 * Per-test cleanup: deletes the core-site.xml placed in the test classpath
 * directory and asks KeyStoreTestUtil to clean up the SSL test configuration
 * generated under BASEDIR.
 *
 * @throws Exception if the cleanup helper fails
 */
@After
public void cleanUpMiniClusterSpecialConfig() throws Exception {
  final File coreSite = new File(classpathDir, "core-site.xml");
  // Best effort: the result of delete() is deliberately not checked.
  coreSite.delete();

  final File baseDir = new File(BASEDIR);
  String keystoresDir = baseDir.getAbsolutePath();
  KeyStoreTestUtil.cleanupSSLConfig(keystoresDir, classpathDir);
}
/**
 * Per-test setup: resolves the classpath directory for TestEncryptedShuffle
 * and removes any core-site.xml left there by an earlier run.
 *
 * @throws Exception if the classpath directory cannot be resolved
 */
@Before
public void createCustomYarnClasspath() throws Exception {
  classpathDir = KeyStoreTestUtil.getClasspathDir(TestEncryptedShuffle.class);
  final File staleCoreSite = new File(classpathDir, "core-site.xml");
  // Best effort: the result of delete() is deliberately not checked.
  staleCoreSite.delete();
}
/**
 * Prepares everything an SSLFactory test needs: keys, certificates,
 * keystores, truststores, the server and client SSL configuration files, and
 * the master configuration the SSLFactory reads.
 *
 * <p>Convenience overload that delegates to the five-argument variant with
 * its last flag set to {@code true}.
 *
 * @param keystoresDir String directory to save keystores
 * @param sslConfDir String directory to save SSL configuration files
 * @param conf Configuration master configuration to be used by an SSLFactory,
 *     which will be mutated by this method
 * @param useClientCert boolean true to make the client present a cert in the
 *     SSL handshake
 * @throws Exception if the delegated setup fails
 */
public static void setupSSLConfig(String keystoresDir, String sslConfDir,
    Configuration conf, boolean useClientCert) throws Exception {
  final boolean lastFlag = true;
  setupSSLConfig(keystoresDir, sslConfDir, conf, useClientCert, lastFlag);
}
/**
 * Class-level teardown: removes the BASEDIR tree and asks KeyStoreTestUtil to
 * clean up the SSL test configuration.
 *
 * @throws Exception if the cleanup helper fails
 */
@AfterClass
public static void tearDown() throws Exception {
  final File baseDir = new File(BASEDIR);
  FileUtil.fullyDelete(baseDir);
  KeyStoreTestUtil.cleanupSSLConfig(keystoresDir, sslConfDir);
}
/**
 * Creates a truststore that contains exactly one trusted certificate.
 *
 * @param filename destination passed to saveKeyStore
 * @param password store password passed to saveKeyStore
 * @param alias alias under which the certificate is registered
 * @param cert certificate to trust
 * @throws GeneralSecurityException if the keystore operations fail
 * @throws IOException if the store cannot be written
 */
public static void createTrustStore(String filename, String password,
    String alias, Certificate cert)
    throws GeneralSecurityException, IOException {
  final KeyStore trusted = createEmptyKeyStore();
  // Certificate-only entry: no private key is stored in a truststore.
  trusted.setCertificateEntry(alias, cert);
  saveKeyStore(trusted, filename, password);
}
/**
 * Class-level setup: recreates BASEDIR from scratch, generates the SSL test
 * configuration (no client certificate) into a fresh Configuration, and
 * builds the URL connection factory from that configuration.
 *
 * @throws Exception if the SSL test material cannot be set up
 */
@BeforeClass
public static void setUp() throws Exception {
  // Start from an empty base directory so stale keystores cannot be reused.
  final File base = new File(BASEDIR);
  FileUtil.fullyDelete(base);
  base.mkdirs();

  conf = new Configuration();
  keystoresDir = base.getAbsolutePath();
  sslConfDir = KeyStoreTestUtil.getClasspathDir(TestNameNodeHttpServer.class);

  final boolean useClientCert = false;
  KeyStoreTestUtil.setupSSLConfig(keystoresDir, sslConfDir, conf, useClientCert);

  connectionFactory = URLConnectionFactory.newDefaultURLConnectionFactory(conf);
}
// Excerpt: builds client and server identities, a shared truststore, and the
// two SSL configuration files. The enclosing method is not visible here, so
// any conditions around these statements cannot be seen from this excerpt.

// Client identity: fresh RSA key pair and a certificate for "CN=localhost, O=client".
KeyPair cKP = KeyStoreTestUtil.generateKeyPair("RSA");
// NOTE(review): "SHA1withRSA" signs this test certificate with SHA-1. That is
// tolerable for a throwaway fixture, but a runtime whose security policy
// disables SHA-1 signatures may reject it; "SHA256withRSA" is the usual
// replacement — confirm generateCertificate accepts it.
// The 30 is presumably the validity period in days — confirm against generateCertificate.
X509Certificate cCert = KeyStoreTestUtil.generateCertificate("CN=localhost, O=client", cKP, 30, "SHA1withRSA");
// Private key and certificate go into the client keystore under alias "client".
KeyStoreTestUtil.createKeyStore(clientKS, clientPassword, "client", cKP.getPrivate(), cCert);
// Remember the certificate so it can be added to the truststore below.
certs.put("client", cCert);

// Server identity: same steps with its own key pair, subject and keystore.
KeyPair sKP = KeyStoreTestUtil.generateKeyPair("RSA");
X509Certificate sCert = KeyStoreTestUtil.generateCertificate("CN=localhost, O=server", sKP, 30, "SHA1withRSA");
KeyStoreTestUtil.createKeyStore(serverKS, serverPassword, "server", sKP.getPrivate(), sCert);
certs.put("server", sCert);

// One truststore holding every certificate collected in certs.
KeyStoreTestUtil.createTrustStore(trustKS, trustPassword, certs);

// Each password is passed twice — presumably once as the keystore password
// and once as the key password; verify against the helper signatures.
// excludeCiphers is forwarded to both configurations; presumably a list of
// cipher suites to disable — confirm its format where it is defined.
Configuration clientSSLConf = createClientSSLConfig(clientKS, clientPassword, clientPassword, trustKS, excludeCiphers);
Configuration serverSSLConf = createServerSSLConfig(serverKS, serverPassword, serverPassword, trustKS, excludeCiphers);

// Persist both configurations to their files.
saveConfig(sslClientConfFile, clientSSLConf);
saveConfig(sslServerConfFile, serverSSLConf);
/**
 * Runs both before and after every test: resolves the SSL config directory
 * for TestSSLFactory and asks KeyStoreTestUtil to clean up the SSL test
 * configuration, so no test starts from (or leaves behind) stale material.
 *
 * @throws Exception if the cleanup helper fails
 */
@After
@Before
public void cleanUp() throws Exception {
  final String confDir = KeyStoreTestUtil.getClasspathDir(TestSSLFactory.class);
  sslConfsDir = confDir;
  KeyStoreTestUtil.cleanupSSLConfig(KEYSTORES_DIR, confDir);
}
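/**
 * Performs complete setup of SSL configuration in preparation for testing an
 * SSLFactory. This includes keys, certs, keystores, truststores, the server
 * SSL configuration file, the client SSL configuration file, and the master
 * configuration file read by the SSLFactory.
 *
 * @param keystoresDir String directory to save keystores
 * @param sslConfDir String directory to save SSL configuration files
 * @param conf Configuration master configuration to be used by an SSLFactory,
 *     which will be mutated by this method
 * @param useClientCert boolean true to make the client present a cert in the
 *     SSL handshake
 * @param trustStore boolean true to create truststore, false not to create it
 * @throws Exception if the delegated setup fails
 */
public static void setupSSLConfig(String keystoresDir, String sslConfDir,
    Configuration conf, boolean useClientCert, boolean trustStore)
    throws Exception {
  // Forward the caller's trustStore choice. The previous body passed a literal
  // true, so a test asking for "no truststore" still ran with one and never
  // exercised the missing-truststore path it was written to cover.
  // Assumes the fifth parameter of the six-argument overload is the truststore
  // flag, matching this overload's parameter order — confirm. The empty string
  // is passed through unchanged as the sixth argument.
  setupSSLConfig(keystoresDir, sslConfDir, conf, useClientCert, trustStore, "");
}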
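/**
 * Class-level teardown: stops the mini cluster, removes the BASEDIR tree and
 * asks KeyStoreTestUtil to clean up the SSL test configuration.
 *
 * <p>The file cleanup runs in a {@code finally} block and the cluster is
 * null-checked, so generated keystores and SSL configuration files are not
 * left on disk when class setup failed before the cluster was created or when
 * shutdown itself throws.
 *
 * @throws Exception if shutdown or the cleanup helper fails
 */
@AfterClass
public static void tearDown() throws Exception {
  try {
    // cluster stays null when class-level setup aborted early; an NPE here
    // would hide the original failure and skip the cleanup below.
    if (cluster != null) {
      cluster.shutdown();
    }
  } finally {
    FileUtil.fullyDelete(new File(BASEDIR));
    KeyStoreTestUtil.cleanupSSLConfig(keystoresDir, sslConfDir);
  }
}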
/**
 * Creates a keystore holding one private-key entry and its certificate.
 *
 * <p>The same {@code password} protects both the key entry and the store
 * passed to saveKeyStore.
 *
 * @param filename destination passed to saveKeyStore
 * @param password password for the key entry and for the store
 * @param alias alias of the key entry
 * @param privateKey private key to store
 * @param cert certificate stored as the entry's one-element chain
 * @throws GeneralSecurityException if the keystore operations fail
 * @throws IOException if the store cannot be written
 */
public static void createKeyStore(String filename, String password,
    String alias, Key privateKey, Certificate cert)
    throws GeneralSecurityException, IOException {
  final KeyStore store = createEmptyKeyStore();
  final char[] entryPassword = password.toCharArray();
  final Certificate[] chain = {cert};
  store.setKeyEntry(alias, privateKey, entryPassword, chain);
  saveKeyStore(store, filename, password);
}
/**
 * Builds an HTTPS-only configuration (WebHDFS enabled, NameNode and DataNode
 * HTTPS addresses on "localhost:0"), recreates BASEDIR, and generates the SSL
 * test configuration without a client certificate.
 *
 * <p>The Configuration is local to this method as shown.
 *
 * @throws Exception if the SSL test material cannot be set up
 */
private static void setupSsl() throws Exception {
  Configuration conf = new Configuration();
  conf.setBoolean(DFSConfigKeys.DFS_WEBHDFS_ENABLED_KEY, true);
  // Plain HTTP is switched off for this test.
  conf.set(DFSConfigKeys.DFS_HTTP_POLICY_KEY, HttpConfig.Policy.HTTPS_ONLY.name());
  conf.set(DFSConfigKeys.DFS_NAMENODE_HTTPS_ADDRESS_KEY, "localhost:0");
  conf.set(DFSConfigKeys.DFS_DATANODE_HTTPS_ADDRESS_KEY, "localhost:0");

  // Start from an empty base directory; fail the test if it cannot be created.
  final File base = new File(BASEDIR);
  FileUtil.fullyDelete(base);
  assertTrue(base.mkdirs());

  final String keystoresDir = base.getAbsolutePath();
  final String sslConfDir =
      KeyStoreTestUtil.getClasspathDir(TestNameNodeRespectsBindHostKeys.class);
  final boolean useClientCert = false;
  KeyStoreTestUtil.setupSSLConfig(keystoresDir, sslConfDir, conf, useClientCert);
}
// Excerpt: creates one RSA identity, stores it in a keystore and a
// truststore, and builds an SSL configuration from separately supplied
// passwords.
// NOTE(review): the `if (useCredProvider) {` block below is not closed within
// this excerpt, so the statements after it may belong to branches that are
// not shown — read the control flow here with care.

KeyPair keyPair = KeyStoreTestUtil.generateKeyPair("RSA");
// NOTE(review): "SHA1withRSA" signs this test certificate with SHA-1. That is
// tolerable for a throwaway fixture, but a runtime whose security policy
// disables SHA-1 signatures may reject it; "SHA256withRSA" is the usual
// replacement — confirm generateCertificate accepts it.
X509Certificate cert = KeyStoreTestUtil.generateCertificate("CN=Test", keyPair, 30, "SHA1withRSA");
// The keystore is written with password / keyPassword ...
KeyStoreTestUtil.createKeyStore(keystore, password, keyPassword, "Test", keyPair.getPrivate(), cert);
// The same certificate is trusted under the alias "server".
Map<String, X509Certificate> certs = Collections.singletonMap("server", cert);
KeyStoreTestUtil.createTrustStore(truststore, trustPassword, certs);
// ... while the configuration is given confPassword / confKeyPassword. These
// are separate variables, so the configured credentials can differ from the
// ones the keystore was created with.
sslConf = KeyStoreTestUtil.createServerSSLConfig(keystore, confPassword, confKeyPassword, truststore);
if (useCredProvider) {
  sslConf = KeyStoreTestUtil.createClientSSLConfig(keystore, confPassword, confKeyPassword, truststore);
  // Write the resulting configuration into the SSL config directory.
  KeyStoreTestUtil.saveConfig(new File(sslConfsDir, sslConfFileName), sslConf);
/**
 * Creates a fresh Configuration and generates SSL test material into it.
 *
 * @param clientCert forwarded as the client-certificate flag
 * @param trustStore forwarded as the truststore flag
 * @return the configuration after KeyStoreTestUtil.setupSSLConfig has run on it
 * @throws Exception if the SSL test material cannot be set up
 */
private Configuration createConfiguration(boolean clientCert,
    boolean trustStore) throws Exception {
  final Configuration sslTestConf = new Configuration();
  KeyStoreTestUtil.setupSSLConfig(
      KEYSTORES_DIR, sslConfsDir, sslTestConf, clientCert, trustStore);
  return sslTestConf;
}
/**
 * Class-level teardown: stops the mini cluster if one was started, removes
 * the BASEDIR tree and asks KeyStoreTestUtil to clean up the SSL test
 * configuration.
 *
 * @throws Exception if shutdown or the cleanup helper fails
 */
@AfterClass
public static void tearDown() throws Exception {
  // cluster may still be null when class-level setup did not get that far.
  final boolean clusterStarted = cluster != null;
  if (clusterStarted) {
    cluster.shutdown();
  }

  final File baseDir = new File(BASEDIR);
  FileUtil.fullyDelete(baseDir);
  KeyStoreTestUtil.cleanupSSLConfig(keystoresDir, sslConfDir);
}