gogrlx/nats-server
1
0
Fork 0
mirror of https://github.com/gogrlx/nats-server.git synced 2026-04-02 03:38:42 -07:00
Code Issues Packages Projects Releases Wiki Activity
Files
f854e95c1101b3894dddb7044a7eb3962136c866
nats-server/test/configs/certs/tlsauth/certstore/pkcs12.md
Todd Beets f854e95c11 Cert Store (aka wincert)
2023-06-22 12:25:54 -07:00

1.1 KiB
Raw Blame History

PKCS12 Files

Refresh PKCS12 files when test certificates and keys (PEM files) are refreshed (e.g. expiry workflow)

  • client.p12 is a p12/pfx packaging of client.pem and client-key.pem

openssl pkcs12 -export -inkey ./client-key.pem -in ./client.pem -out client.p12

Note: set the PKCS12 bundle password to s3cr3t as required by provisioning scripts

Cert Store Provisioning Scripts

Windows cert store supports p12/pfx bundle for certificate-with-key import. Windows cert store tests will execute a Powershell script to import relevant PKCS12 bundle into the Windows store before the test. Equivalent to:

powershell.exe -command "& '..\test\configs\certs\tlsauth\certstore\import-<client,server>-p12.ps1'"

The delete-cert-from-store.ps1 script deletes imported certificates from the Windows store (if present) that can cause side-effects and impact the validity of different use tests.

Note: Tests are configured for "current user" store context. Execute tests with appropriate Windows permissions (e.g. as Admin) if adding tests with "local machine" store context specified.

Reference in New Issue View Git Blame Copy Permalink