update cert.sh file

a821d48e · Timm Fitschen · f71338e8 · a821d48e · a821d48e
Verified Commit a821d48e authored 2 years ago by Timm Fitschen
--- a/.docker/cert.sh
+++ b/.docker/cert.sh
@@ -26,11 +26,15 @@
 # The hostname for which the certificate is created can be changed by setting
 # the environment variable CAOSHOSTNAME.
 #
+# Any arguments will be passed on to `keytool`, you can use this for example for the
+# `-noprompt` option.
+#
 # ## Overview of variables ##
 #
 # - CAOSHOSTNAME :: Hostname for the key (localhost)
 # - KEYPW :: Password for the key (default ist CaosDBSecret)
 # - KEYSTOREPW :: Password for the key store (same as KEYPW)
+
 function cert() {
    mkdir -p cert
    cd cert
@@ -41,18 +45,23 @@ function cert() {
    KEYPW="${KEYPW}" openssl genrsa -aes256 -out caosdb.key.pem \
         -passout env:KEYPW 2048
    # Certificate is for localhost
+    # Some organization should be given, otherwise Firefox won't even display the certificate.
    KEYPW="${KEYPW}" openssl req -new -x509 -key caosdb.key.pem \
         -out caosdb.cert.pem -passin env:KEYPW \
-         -subj "/C=/ST=/L=/O=/OU=/CN=${CAOSHOSTNAME}"
+         -days 365 \
+         -subj "/C=/ST=/L=/O=example/OU=example/CN=${CAOSHOSTNAME}" \
+         -reqexts SAN \
+         -config <(cat /etc/ssl/openssl.cnf \
+                 <(printf "\n[SAN]\nsubjectAltName=DNS:${CAOSHOSTNAME}")) \
    KEYPW="${KEYPW}" KEYSTOREPW="$KEYSTOREPW" openssl pkcs12 -export \
         -inkey caosdb.key.pem -in caosdb.cert.pem -out all-certs.pkcs12 \
         -passin env:KEYPW -passout env:KEYPW
-
-    keytool -importkeystore -srckeystore all-certs.pkcs12 -srcstoretype PKCS12 \
+    keytool -importkeystore "$@" \
+            -srckeystore all-certs.pkcs12 -srcstoretype PKCS12 \
            -deststoretype pkcs12 -destkeystore caosdb.jks \
            -srcstorepass "${KEYPW}" \
            -destkeypass "${KEYPW}" -deststorepass "$KEYSTOREPW"
    echo "Certificates successfuly created."
 }

-cert
+cert "$@"
--- a/tests/test_tickets.py
+++ b/tests/test_tickets.py
@@ -1410,16 +1410,12 @@ def test_ticket_104():
    try:
        url = db.get_config().get("Connection", "url")

-        try:
        from urllib.parse import urlparse
-        except BaseException:
-            # python2
-            from urlparse import urlparse
        _fullurl = urlparse(url)
        _netloc = _fullurl.netloc
        _basepath = _fullurl.path

-        wrongbasepath = _netloc + "/wrongcontextroot/"
+        wrongbasepath = _fullurl.scheme + "://" + _netloc + "/wrongcontextroot/"
        with pytest.raises(CaosDBException):
            db.configure_connection(url=wrongbasepath)._login()
    finally: