ims-volte-vowifi
/
strongswan
9
0
Fork 0
Code Pull Requests Releases Activity

testing: Store mars credentials in the swanctl directory

This commit is contained in:
Andreas Steffen 2021-03-28 15:11:28 +02:00
parent 2cbf7da51a
commit 68154033bb
1 changed files with 14 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
testing/scripts/build-certs-chroot
View File

@ -753,13 +753,13 @@ cp ${TEST_CERT} ${TEST}/hosts/moon/${IPSEC_DIR}/ocspcerts
# Generate mars virtual server certificate
TEST="${TEST_DIR}/ha/both-active"
TEST_KEY="${TEST}/hosts/moon/${IPSEC_DIR}/private/marsKey.pem"
TEST_CERT="${TEST}/hosts/moon/${IPSEC_DIR}/certs/marsCert.pem"
TEST_KEY="${TEST}/hosts/moon/${SWANCTL_DIR}/rsa/marsKey.pem"
TEST_CERT="${TEST}/hosts/moon/${SWANCTL_DIR}/x509/marsCert.pem"
CN="mars.strongswan.org"
OU="Virtual VPN Gateway"
SERIAL="12"
mkdir -p ${TEST}/hosts/moon/${IPSEC_DIR}/private
mkdir -p ${TEST}/hosts/moon/${IPSEC_DIR}/certs
mkdir -p ${TEST}/hosts/moon/${SWANCTL_DIR}/rsa
mkdir -p ${TEST}/hosts/moon/${SWANCTL_DIR}/x509
pki --gen --type rsa --size ${RSA_SIZE} --outform pem > ${TEST_KEY}
pki --issue --cakey ${CA_KEY} --cacert ${CA_CERT} --crl ${CA_CDP} --type rsa \
--in ${TEST_KEY} --not-before "${START}" --not-after "${EE_END}" --san ${CN} \
@ -768,21 +768,21 @@ pki --issue --cakey ${CA_KEY} --cacert ${CA_CERT} --crl ${CA_CDP} --type rsa \
cp ${TEST_CERT} ${CA_DIR}/certs/${SERIAL}.pem
# Put a copy into the mirrored gateway
mkdir -p ${TEST}/hosts/alice/${IPSEC_DIR}/private
mkdir -p ${TEST}/hosts/alice/${IPSEC_DIR}/certs
cp ${TEST_KEY} ${TEST}/hosts/alice/${IPSEC_DIR}/private
cp ${TEST_CERT} ${TEST}/hosts/alice/${IPSEC_DIR}/certs
mkdir -p ${TEST}/hosts/alice/${SWANCTL_DIR}/rsa
mkdir -p ${TEST}/hosts/alice/${SWANCTL_DIR}/x509
cp ${TEST_KEY} ${TEST}/hosts/alice/${SWANCTL_DIR}/rsa
cp ${TEST_CERT} ${TEST}/hosts/alice/${SWANCTL_DIR}/x509
# Put a copy into the ha/active-passive and ikev2-redirect-active scenarios
for t in "ha/active-passive" "ikev2/redirect-active"
# Put a copy into the ha/active-passive and swanctl/redirect-active scenarios
for t in "ha/active-passive" "swanctl/redirect-active"
do
TEST="${TEST_DIR}/${t}"
for h in alice moon
do
mkdir -p ${TEST}/hosts/${h}/${IPSEC_DIR}/private
mkdir -p ${TEST}/hosts/${h}/${IPSEC_DIR}/certs
cp ${TEST_KEY} ${TEST}/hosts/${h}/${IPSEC_DIR}/private
cp ${TEST_CERT} ${TEST}/hosts/${h}/${IPSEC_DIR}/certs
mkdir -p ${TEST}/hosts/${h}/${SWANCTL_DIR}/rsa
mkdir -p ${TEST}/hosts/${h}/${SWANCTL_DIR}/x509
cp ${TEST_KEY} ${TEST}/hosts/${h}/${SWANCTL_DIR}/rsa
cp ${TEST_CERT} ${TEST}/hosts/${h}/${SWANCTL_DIR}/x509
done
done