Mercurial > libervia-backend

view docker/backend-dev-e2e/certificates/README @ 4240:79c8a70e1813

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
backend, frontend: prepare remote control: This is a series of changes necessary to prepare the implementation of remote control feature: - XEP-0166: add a `priority` attribute to `ApplicationData`: this is needed when several applications are working in a same session, to know which one must be handled first. Will be used to make Remote Control have precedence over Call content. - XEP-0166: `_call_plugins` is now async and is not used with `DeferredList` anymore: the benefit to have methods called in parallels is very low, and it cause a lot of trouble as we can't predict order. Methods are now called sequentially so workflow can be predicted. - XEP-0167: fix `senders` XMPP attribute <=> SDP mapping - XEP-0234: preflight acceptance key is now `pre-accepted` instead of `file-accepted`, so the same key can be used with other jingle applications. - XEP-0167, XEP-0343: move some method to XEP-0167 - XEP-0353: use new `priority` feature to call preflight methods of applications according to it. - frontend (webrtc): refactor the sources/sink handling with a more flexible mechanism based on Pydantic models. It is now possible to have has many Data Channel as necessary, to have them in addition to A/V streams, to specify manually GStreamer sources and sinks, etc. - frontend (webrtc): rework of the pipeline to reduce latency. - frontend: new `portal_desktop` method. Screenshare portal handling has been moved there, and RemoteDesktop portal has been added. - frontend (webrtc): fix `extract_ufrag_pwd` method. rel 436
author Goffi <goffi@goffi.org>
date Sat, 11 May 2024 13:52:41 +0200
parents 73e04040d577
children
line wrap: on
line source

Those certificates are used to activate TLS for end-2-end testing (to be as
close as possible as production environment), they are used in other containers
needing TLS certificates (notably Prosody).

To generate them, minica has been used. Minica can be found at https://github.com/jsha/minica.

The following commands have been used:

$ minica --domains "server1.test,*.server1.test,server2.test,server3.test,libervia-backend.test,libervia-web.test"
$ chmod 0644 minica.pem server1.test/cert.pem && chmod 0640 server1.test/key.pem

Note that certificates are valid for 2 years and 30 days, so they must be renewed after this delay.