Mercurial > libervia-backend

view docker/backend-dev-e2e/certificates/README @ 4219:1b5cf2ee1d86

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
plugin XEP-0384, XEP-0391: download missing devices list: when a peer jid was not in our roster, devices list was not retrieved, resulting in failed en/decryption. This patch does check it and download missing devices list in necessary. There is no subscription managed yet, so the list won't be updated in case of new devices, this should be addressed at some point.
author Goffi <goffi@goffi.org>
date Tue, 05 Mar 2024 17:31:36 +0100
parents 73e04040d577
children
line wrap: on
line source

Those certificates are used to activate TLS for end-2-end testing (to be as
close as possible as production environment), they are used in other containers
needing TLS certificates (notably Prosody).

To generate them, minica has been used. Minica can be found at https://github.com/jsha/minica.

The following commands have been used:

$ minica --domains "server1.test,*.server1.test,server2.test,server3.test,libervia-backend.test,libervia-web.test"
$ chmod 0644 minica.pem server1.test/cert.pem && chmod 0640 server1.test/key.pem

Note that certificates are valid for 2 years and 30 days, so they must be renewed after this delay.