testing: Store mars credentials in the swanctl directory
This commit is contained in:
parent
2cbf7da51a
commit
68154033bb
|
@ -753,13 +753,13 @@ cp ${TEST_CERT} ${TEST}/hosts/moon/${IPSEC_DIR}/ocspcerts
|
|||
|
||||
# Generate mars virtual server certificate
|
||||
TEST="${TEST_DIR}/ha/both-active"
|
||||
TEST_KEY="${TEST}/hosts/moon/${IPSEC_DIR}/private/marsKey.pem"
|
||||
TEST_CERT="${TEST}/hosts/moon/${IPSEC_DIR}/certs/marsCert.pem"
|
||||
TEST_KEY="${TEST}/hosts/moon/${SWANCTL_DIR}/rsa/marsKey.pem"
|
||||
TEST_CERT="${TEST}/hosts/moon/${SWANCTL_DIR}/x509/marsCert.pem"
|
||||
CN="mars.strongswan.org"
|
||||
OU="Virtual VPN Gateway"
|
||||
SERIAL="12"
|
||||
mkdir -p ${TEST}/hosts/moon/${IPSEC_DIR}/private
|
||||
mkdir -p ${TEST}/hosts/moon/${IPSEC_DIR}/certs
|
||||
mkdir -p ${TEST}/hosts/moon/${SWANCTL_DIR}/rsa
|
||||
mkdir -p ${TEST}/hosts/moon/${SWANCTL_DIR}/x509
|
||||
pki --gen --type rsa --size ${RSA_SIZE} --outform pem > ${TEST_KEY}
|
||||
pki --issue --cakey ${CA_KEY} --cacert ${CA_CERT} --crl ${CA_CDP} --type rsa \
|
||||
--in ${TEST_KEY} --not-before "${START}" --not-after "${EE_END}" --san ${CN} \
|
||||
|
@ -768,21 +768,21 @@ pki --issue --cakey ${CA_KEY} --cacert ${CA_CERT} --crl ${CA_CDP} --type rsa \
|
|||
cp ${TEST_CERT} ${CA_DIR}/certs/${SERIAL}.pem
|
||||
|
||||
# Put a copy into the mirrored gateway
|
||||
mkdir -p ${TEST}/hosts/alice/${IPSEC_DIR}/private
|
||||
mkdir -p ${TEST}/hosts/alice/${IPSEC_DIR}/certs
|
||||
cp ${TEST_KEY} ${TEST}/hosts/alice/${IPSEC_DIR}/private
|
||||
cp ${TEST_CERT} ${TEST}/hosts/alice/${IPSEC_DIR}/certs
|
||||
mkdir -p ${TEST}/hosts/alice/${SWANCTL_DIR}/rsa
|
||||
mkdir -p ${TEST}/hosts/alice/${SWANCTL_DIR}/x509
|
||||
cp ${TEST_KEY} ${TEST}/hosts/alice/${SWANCTL_DIR}/rsa
|
||||
cp ${TEST_CERT} ${TEST}/hosts/alice/${SWANCTL_DIR}/x509
|
||||
|
||||
# Put a copy into the ha/active-passive and ikev2-redirect-active scenarios
|
||||
for t in "ha/active-passive" "ikev2/redirect-active"
|
||||
# Put a copy into the ha/active-passive and swanctl/redirect-active scenarios
|
||||
for t in "ha/active-passive" "swanctl/redirect-active"
|
||||
do
|
||||
TEST="${TEST_DIR}/${t}"
|
||||
for h in alice moon
|
||||
do
|
||||
mkdir -p ${TEST}/hosts/${h}/${IPSEC_DIR}/private
|
||||
mkdir -p ${TEST}/hosts/${h}/${IPSEC_DIR}/certs
|
||||
cp ${TEST_KEY} ${TEST}/hosts/${h}/${IPSEC_DIR}/private
|
||||
cp ${TEST_CERT} ${TEST}/hosts/${h}/${IPSEC_DIR}/certs
|
||||
mkdir -p ${TEST}/hosts/${h}/${SWANCTL_DIR}/rsa
|
||||
mkdir -p ${TEST}/hosts/${h}/${SWANCTL_DIR}/x509
|
||||
cp ${TEST_KEY} ${TEST}/hosts/${h}/${SWANCTL_DIR}/rsa
|
||||
cp ${TEST_CERT} ${TEST}/hosts/${h}/${SWANCTL_DIR}/x509
|
||||
done
|
||||
done
|
||||
|
||||
|
|
Loading…
Reference in New Issue