DBZ-4787 Simplifying the execution of tests with SSL authentication in the IDE;
When starting a MySQL test with -Ddatabase.ssl.mode=verify_ca, the right defaults for truststore/keystore location and password are used, matching the set-up created and executed by the Maven build.
This commit is contained in:
parent
8125b7d8b8
commit
7e987cd806
@ -218,11 +218,14 @@ public Configuration.Builder defaultConfigWithoutDatabaseFilter() {
|
||||
builder.with(MySqlConnectorConfig.SSL_MODE, MySqlConnectorConfig.SecureConnectionMode.DISABLED);
|
||||
}
|
||||
else {
|
||||
URL trustStoreFile = UniqueDatabase.class.getClassLoader().getResource("ssl/truststore");
|
||||
URL keyStoreFile = UniqueDatabase.class.getClassLoader().getResource("ssl/keystore");
|
||||
|
||||
builder.with(MySqlConnectorConfig.SSL_MODE, sslMode)
|
||||
.with(MySqlConnectorConfig.SSL_TRUSTSTORE, System.getProperty("database.ssl.truststore"))
|
||||
.with(MySqlConnectorConfig.SSL_TRUSTSTORE_PASSWORD, System.getProperty("database.ssl.truststore.password"))
|
||||
.with(MySqlConnectorConfig.SSL_KEYSTORE, System.getProperty("database.ssl.keystore"))
|
||||
.with(MySqlConnectorConfig.SSL_KEYSTORE_PASSWORD, System.getProperty("database.ssl.keystore.password"));
|
||||
.with(MySqlConnectorConfig.SSL_TRUSTSTORE, System.getProperty("database.ssl.truststore", trustStoreFile.getPath()))
|
||||
.with(MySqlConnectorConfig.SSL_TRUSTSTORE_PASSWORD, System.getProperty("database.ssl.truststore.password", "debezium"))
|
||||
.with(MySqlConnectorConfig.SSL_KEYSTORE, System.getProperty("database.ssl.keystore", keyStoreFile.getPath()))
|
||||
.with(MySqlConnectorConfig.SSL_KEYSTORE_PASSWORD, System.getProperty("database.ssl.keystore.password", "debezium"));
|
||||
}
|
||||
|
||||
if (dbHistoryPath != null) {
|
||||
|
@ -2,9 +2,10 @@ This directory contains the truststore (used for validating DB server certificat
|
||||
certificate) for running the test suite with SSL enabled and two-way authentication.
|
||||
|
||||
The files are generated based on the certificates in src/test/resources/ssl-certs, which in turn were taken from the
|
||||
MySQL container image (which generates them by default with a validity of 10 years, see /var/lib/mysql). The server
|
||||
used for SSL authentication testing uses those pre-generated certificates (see configuration in
|
||||
src/test/docker/server-ssl/my.cnf).
|
||||
MySQL container image (which generates them by default with a validity of 10 years, see /var/lib/mysql; the currently
|
||||
used certificates were created on March 8 2022, i.e. expect SSL-enabled tests to fail after March 8 2032 due to the
|
||||
expired certificates). The server used for SSL authentication testing uses those pre-generated certificates (see configuration in
|
||||
src/test/docker/server-ssl/my.cnf) instead of generating new ones.
|
||||
|
||||
To regenerate the truststore/keystore files, run the following commands:
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user