Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: Support admin API authentication with SSL certificates #1747

Merged
merged 38 commits into from
Jul 21, 2020
Merged

feat: Support admin API authentication with SSL certificates #1747

Show file tree
Hide file tree
Changes from 18 commits
Commits
Show all changes
38 commits
Select commit Hold shift + click to select a range
bc33857
Client-to-server authentication with HTTPS client certificates
johzchen Jun 20, 2020
1074440
test
johzchen Jun 20, 2020
844118c
fix: admin port
johzchen Jun 20, 2020
0a972c8
fix: https
johzchen Jun 20, 2020
408df70
test
johzchen Jun 20, 2020
ba41a01
test
johzchen Jun 20, 2020
32067b5
test
johzchen Jun 20, 2020
717f226
test
johzchen Jun 20, 2020
b9d2af9
fix lint error
johzchen Jun 20, 2020
73b311d
test
johzchen Jun 20, 2020
22cbe7d
test
johzchen Jun 20, 2020
ac1c52e
test
johzchen Jun 20, 2020
c67ec40
new cert
johzchen Jun 20, 2020
9ce5960
fix: domain
johzchen Jun 20, 2020
d349020
fix: domain
johzchen Jun 20, 2020
5addff3
config option
johzchen Jun 21, 2020
acf0d6c
Merge branch 'apisix/master' into cli-srv-auth
johzchen Jun 21, 2020
3421255
doc
johzchen Jun 21, 2020
03487a6
optimize
johzchen Jun 22, 2020
a71cd51
optimize
johzchen Jun 22, 2020
e57b026
optimize
johzchen Jun 22, 2020
f0c21b1
fix error
johzchen Jun 22, 2020
9104603
fix path error
johzchen Jun 22, 2020
beb4d3e
check http status after call mtls admin api
johzchen Jun 22, 2020
1ba44f1
remove useless config file
johzchen Jun 22, 2020
62b916f
set default path for mTLS certs
johzchen Jun 22, 2020
3219d85
fix text style
johzchen Jun 24, 2020
ac82691
fix: naming
johzchen Jun 24, 2020
586c1bc
more test cases
johzchen Jun 24, 2020
b9591f0
fix lint check
johzchen Jun 24, 2020
d479370
fix error
johzchen Jun 24, 2020
450e926
test
johzchen Jun 24, 2020
988253c
update doc for admin api mTLS
johzchen Jun 24, 2020
83a45b8
Merge branch 'master' into cli-srv-auth
johzchen Jul 16, 2020
473a59b
fix lint
johzchen Jul 16, 2020
a689132
fix etcd version
johzchen Jul 16, 2020
e256756
Merge branch 'master' into cli-srv-auth
johzchen Jul 17, 2020
b0838e8
run mTLS test cases with github ations
johzchen Jul 17, 2020
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 4 additions & 0 deletions .travis.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,8 @@ matrix:
services:
- docker
env: OSNAME=linux_openresty
- os: linux
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

run this test case in Github Action, the Travis-CI is slow.

what do you think? @nic-chen

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It's good. I will try to move to github actions.

env: OSNAME=linux_openresty_two_side_ssl_auth
nic-chen marked this conversation as resolved.
Show resolved Hide resolved
- os: osx
env: OSNAME=osx_openresty
cache:
Expand Down Expand Up @@ -40,6 +42,8 @@ addons:
- etcd
homebrew:
update: true
hosts:
- admin.apisix.dev

cache:
directories:
Expand Down
136 changes: 136 additions & 0 deletions .travis/linux_openresty_two_side_ssl_auth_runner.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,136 @@
#!/usr/bin/env bash
#
# Licensed to the Apache Software Foundation (ASF) under one or more
# contributor license agreements. See the NOTICE file distributed with
# this work for additional information regarding copyright ownership.
# The ASF licenses this file to You under the Apache License, Version 2.0
# (the "License"); you may not use this file except in compliance with
# the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#

set -ex

export_or_prefix() {
export OPENRESTY_PREFIX="/usr/local/openresty-debug"
}

create_lua_deps() {
echo "Create lua deps cache"

make deps
luarocks install luacov-coveralls --tree=deps --local > build.log 2>&1 || (cat build.log && exit 1)

sudo rm -rf build-cache/deps
sudo cp -r deps build-cache/
sudo cp rockspec/apisix-master-0.rockspec build-cache/
}

before_install() {
sudo cpanm --notest Test::Nginx >build.log 2>&1 || (cat build.log && exit 1)
}

do_install() {
export_or_prefix

wget -qO - https://openresty.org/package/pubkey.gpg | sudo apt-key add -
sudo apt-get -y update --fix-missing
sudo apt-get -y install software-properties-common
sudo add-apt-repository -y "deb http://openresty.org/package/ubuntu $(lsb_release -sc) main"
sudo add-apt-repository -y ppa:longsleep/golang-backports

sudo apt-get update
sudo apt-get install openresty-debug lua5.1 liblua5.1-0-dev

wget https://github.com/luarocks/luarocks/archive/v2.4.4.tar.gz
tar -xf v2.4.4.tar.gz
cd luarocks-2.4.4
./configure --prefix=/usr > build.log 2>&1 || (cat build.log && exit 1)
make build > build.log 2>&1 || (cat build.log && exit 1)
sudo make install > build.log 2>&1 || (cat build.log && exit 1)
cd ..
rm -rf luarocks-2.4.4

sudo luarocks install luacheck > build.log 2>&1 || (cat build.log && exit 1)


if [ ! -f "build-cache/apisix-master-0.rockspec" ]; then
create_lua_deps

else
src=`md5sum rockspec/apisix-master-0.rockspec | awk '{print $1}'`
src_cp=`md5sum build-cache/apisix-master-0.rockspec | awk '{print $1}'`
if [ "$src" = "$src_cp" ]; then
echo "Use lua deps cache"
sudo cp -r build-cache/deps ./
else
create_lua_deps
fi
fi

# sudo apt-get install tree -y
# tree deps

git clone https://github.com/iresty/test-nginx.git test-nginx
make utils

git clone https://github.com/apache/openwhisk-utilities.git .travis/openwhisk-utilities
cp .travis/ASF* .travis/openwhisk-utilities/scancode/

ls -l ./
}

script() {
export_or_prefix
export PATH=$OPENRESTY_PREFIX/nginx/sbin:$OPENRESTY_PREFIX/luajit/bin:$OPENRESTY_PREFIX/bin:$PATH
openresty -V
sudo service etcd start

mv -f ./conf/config-for-two-side-ssl-auth.yaml ./conf/config.yaml
nic-chen marked this conversation as resolved.
Show resolved Hide resolved

./bin/apisix help
./bin/apisix init
./bin/apisix init_etcd
./bin/apisix start

sleep 1
cat logs/error.log


curl --cacert ./conf/cert/two_side_ca.crt --key ./conf/cert/two_side_client.key --cert ./conf/cert/two_side_client.crt -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' https://admin.apisix.dev:9180/apisix/admin/routes

./bin/apisix stop
sleep 1

make lint && make license-check || exit 1
}

after_success() {
cat luacov.stats.out
luacov-coveralls
}

case_opt=$1
shift

case ${case_opt} in
before_install)
before_install "$@"
;;
do_install)
do_install "$@"
;;
script)
script "$@"
;;
after_success)
after_success "$@"
;;
esac
13 changes: 13 additions & 0 deletions bin/apisix
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -290,13 +290,26 @@ http {
server {
{%if https_admin then%}
listen {* port_admin *} ssl;

{%if ssl.verify_client then%}
ssl_certificate cert/two_side_server.crt;
ssl_certificate_key cert/two_side_server.key;
{% else %}
ssl_certificate cert/apisix_admin_ssl.crt;
ssl_certificate_key cert/apisix_admin_ssl.key;
{%end%}

ssl_session_cache shared:SSL:1m;

ssl_protocols {* ssl.ssl_protocols *};
ssl_ciphers {* ssl.ssl_ciphers *};
ssl_prefer_server_ciphers on;

{%if ssl.verify_client then%}
ssl_client_certificate cert/two_side_ca.crt;
ssl_verify_client on;
{%end%}

{% else %}
listen {* port_admin *};
{%end%}
Expand Down
20 changes: 20 additions & 0 deletions conf/cert/two_side_ca.crt
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,20 @@
-----BEGIN CERTIFICATE-----
MIIDSjCCAjICCQDmBdlKmGaJITANBgkqhkiG9w0BAQUFADBnMQswCQYDVQQGEwJj
bjESMBAGA1UECAwJR3VhbmdEb25nMQ8wDQYDVQQHDAZaaHVIYWkxDTALBgNVBAoM
BGFwaTcxDDAKBgNVBAsMA29wczEWMBQGA1UEAwwNY2EuYXBpc2l4LmRldjAeFw0y
MDA2MjAxMzEzNDFaFw0zMDA2MTgxMzEzNDFaMGcxCzAJBgNVBAYTAmNuMRIwEAYD
VQQIDAlHdWFuZ0RvbmcxDzANBgNVBAcMBlpodUhhaTENMAsGA1UECgwEYXBpNzEM
MAoGA1UECwwDb3BzMRYwFAYDVQQDDA1jYS5hcGlzaXguZGV2MIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAun+Gq/bp7CcZ9i5ZdjuCvyZVXsiAaBELVi/Q
QQtC90z5aQyWudTPB1Lcpk5HosbT73eHh03hFCRMFv6Miase1T59KJ4zGSFKoFEr
j2cbNmWFJEhTGce1pn52zMzZrXERYhKBA0n4bwHK/IND0XeEZ2RQPtGnGBqj3vKL
3px+mOzIeMy4VMSkIkL2jlgo5jN0IjQIsvHRSrhIWzFhr6qtIJhuh0oI6gs+/yvA
vspGeVFtIg/1PY3bOgFfhJg08/Aw7vgMjmADypEbBabLaWOZ8RZ3Ci2is6cL/1wX
Sr8OIIBXTmTGmXEuSsMsBgC7BFwEY4XEsGx8QQJsrh1dSf2t0QIDAQABMA0GCSqG
SIb3DQEBBQUAA4IBAQCKC98wWieC66NHAYb9ICOwr+XTmoFABpFNaM4bPXMD4IUq
BaMGfBh92e4ANz2bm1D3J0ZNH3TVC7OhF2ymi6wSMde/Ygkh5xu2HgTEX2QTDQVd
J27jwEIe45VLdvuu33jvE/iNNQHI6J6zP45gs/FS+CwMoYRnNcC+428YUf9XMcgM
UkeMOnnkhw1OUzmoACY705hAEAPFbb7KkQ109lgbh6cucMy7Nw/N1t6Pyuxlqteg
d8Wy6VFYPRRK43dYoA9B0yvsZCERvxgR1IrDjo0B2wIDzM4eM6ldLfnr8pPnBFfS
g/Pdo6VZsXeSv3o00lBEY/25Vqxn3sPBK4E7a+mX
-----END CERTIFICATE-----
69 changes: 69 additions & 0 deletions conf/cert/two_side_client.crt
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,69 @@
Certificate:
Data:
Version: 1 (0x0)
Serial Number: 64207 (0xfacf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=cn, ST=GuangDong, L=ZhuHai, O=api7, OU=ops, CN=ca.apisix.dev
Validity
Not Before: Jun 20 13:15:00 2020 GMT
Not After : Jul 8 13:15:00 2030 GMT
Subject: C=cn, ST=GuangDong, O=api7, L=ZhuHai, CN=client.apisix.dev
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:9f:28:8f:2e:88:41:ff:89:f6:62:91:29:d1:6b:
7f:c4:d8:1e:28:85:55:91:c2:3a:3f:23:1c:83:11:
6a:26:81:1e:2d:2e:4d:69:48:98:4f:ff:84:82:2d:
6b:8c:41:31:56:4d:b4:aa:b7:52:05:63:2e:19:6d:
54:87:1f:21:a8:34:f9:89:1a:b1:d1:24:21:84:fa:
c8:29:7f:39:f4:1a:35:78:95:74:0f:24:3d:24:e8:
64:75:09:7d:8c:a3:54:d6:74:5a:92:27:f1:dc:e4:
04:30:71:01:67:3d:fa:0b:03:0b:01:cb:8c:aa:ae:
59:9f:f7:a6:40:53:2b:65:ff:b6:64:8d:fe:0f:ee:
62:64:24:7b:4c:fd:68:12:47:4a:46:86:36:53:00:
64:5f:e4:32:56:a0:ee:75:92:2d:e2:dc:92:3e:d7:
99:8e:86:69:e7:0a:99:e4:b2:71:95:3d:f9:7d:da:
af:76:1f:3f:f8:bf:78:aa:13:e5:13:84:f6:11:a5:
c1:9b:9d:d7:73:32:f3:da:09:78:9a:be:0f:01:fe:
ed:8b:55:b9:f8:97:46:9d:6a:6a:90:19:ea:4e:02:
30:ff:d7:1a:da:39:53:f6:5b:6d:96:d0:fc:ed:0d:
72:78:ac:b7:be:71:aa:4d:4b:8a:06:b9:25:1f:90:
81:0d
Exponent: 65537 (0x10001)
Signature Algorithm: sha256WithRSAEncryption
72:a7:1f:15:21:ba:4f:e7:2f:64:a0:e5:40:7c:e0:ea:09:7b:
95:cf:80:d0:6f:54:c2:8d:d1:cf:cd:00:f2:95:20:f9:e2:9e:
f5:1c:1b:f9:87:78:a7:b1:3f:31:34:b0:c8:1a:44:da:2c:ef:
93:76:d7:df:44:5f:27:6a:51:cb:09:f2:32:f4:70:db:50:da:
4e:49:41:75:e0:d2:7b:4d:0b:8b:6e:0a:02:0a:00:e9:ce:f3:
bf:72:e6:14:86:df:a7:b9:ef:09:80:a1:52:a7:69:b8:23:7a:
3d:3d:cc:6d:64:91:7b:c0:9a:98:2a:a3:17:95:0a:ee:e1:ed:
f2:be:02:ea:cb:6e:c1:82:4d:a1:e8:03:9a:46:d6:d7:07:0f:
12:50:7e:95:5c:6c:17:f0:40:34:81:5b:74:90:8e:24:6a:5f:
8e:77:ff:4d:67:c3:a9:1b:39:e2:ca:62:b6:89:ca:c6:86:f1:
95:36:2b:cf:96:a5:6e:89:0e:e6:dc:88:78:f0:7d:09:e9:53:
65:35:e9:72:a2:be:1c:5e:b8:a6:2b:57:f2:0d:2f:4b:31:8f:
f7:d9:ad:a3:58:12:bb:c9:5b:38:79:96:5b:c8:74:d2:e6:79:
23:e6:bd:be:74:25:42:2c:fa:50:ea:9f:53:28:6d:35:f3:0e:
9b:82:15:70
-----BEGIN CERTIFICATE-----
MIIDOjCCAiICAwD6zzANBgkqhkiG9w0BAQsFADBnMQswCQYDVQQGEwJjbjESMBAG
A1UECAwJR3VhbmdEb25nMQ8wDQYDVQQHDAZaaHVIYWkxDTALBgNVBAoMBGFwaTcx
DDAKBgNVBAsMA29wczEWMBQGA1UEAwwNY2EuYXBpc2l4LmRldjAeFw0yMDA2MjAx
MzE1MDBaFw0zMDA3MDgxMzE1MDBaMF0xCzAJBgNVBAYTAmNuMRIwEAYDVQQIDAlH
dWFuZ0RvbmcxDTALBgNVBAoMBGFwaTcxDzANBgNVBAcMBlpodUhhaTEaMBgGA1UE
AwwRY2xpZW50LmFwaXNpeC5kZXYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCfKI8uiEH/ifZikSnRa3/E2B4ohVWRwjo/IxyDEWomgR4tLk1pSJhP/4SC
LWuMQTFWTbSqt1IFYy4ZbVSHHyGoNPmJGrHRJCGE+sgpfzn0GjV4lXQPJD0k6GR1
CX2Mo1TWdFqSJ/Hc5AQwcQFnPfoLAwsBy4yqrlmf96ZAUytl/7Zkjf4P7mJkJHtM
/WgSR0pGhjZTAGRf5DJWoO51ki3i3JI+15mOhmnnCpnksnGVPfl92q92Hz/4v3iq
E+UThPYRpcGbnddzMvPaCXiavg8B/u2LVbn4l0adamqQGepOAjD/1xraOVP2W22W
0PztDXJ4rLe+capNS4oGuSUfkIENAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAHKn
HxUhuk/nL2Sg5UB84OoJe5XPgNBvVMKN0c/NAPKVIPninvUcG/mHeKexPzE0sMga
RNos75N2199EXydqUcsJ8jL0cNtQ2k5JQXXg0ntNC4tuCgIKAOnO879y5hSG36e5
7wmAoVKnabgjej09zG1kkXvAmpgqoxeVCu7h7fK+AurLbsGCTaHoA5pG1tcHDxJQ
fpVcbBfwQDSBW3SQjiRqX453/01nw6kbOeLKYraJysaG8ZU2K8+WpW6JDubciHjw
fQnpU2U16XKivhxeuKYrV/INL0sxj/fZraNYErvJWzh5llvIdNLmeSPmvb50JUIs
+lDqn1MobTXzDpuCFXA=
-----END CERTIFICATE-----
27 changes: 27 additions & 0 deletions conf/cert/two_side_client.key
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,27 @@
-----BEGIN RSA PRIVATE KEY-----
MIIEpAIBAAKCAQEAnyiPLohB/4n2YpEp0Wt/xNgeKIVVkcI6PyMcgxFqJoEeLS5N
aUiYT/+Egi1rjEExVk20qrdSBWMuGW1Uhx8hqDT5iRqx0SQhhPrIKX859Bo1eJV0
DyQ9JOhkdQl9jKNU1nRakifx3OQEMHEBZz36CwMLAcuMqq5Zn/emQFMrZf+2ZI3+
D+5iZCR7TP1oEkdKRoY2UwBkX+QyVqDudZIt4tySPteZjoZp5wqZ5LJxlT35fdqv
dh8/+L94qhPlE4T2EaXBm53XczLz2gl4mr4PAf7ti1W5+JdGnWpqkBnqTgIw/9ca
2jlT9lttltD87Q1yeKy3vnGqTUuKBrklH5CBDQIDAQABAoIBAHDe5bPdQ9jCcW3z
fpGax/DER5b6//UvpfkSoGy/E+Wcmdb2yEVLC2FoVwOuzF+Z+DA5SU/sVAmoDZBQ
vapZxJeygejeeo5ULkVNSFhNdr8LOzJ54uW+EHK1MFDj2xq61jaEK5sNIvRA7Eui
SJl8FXBrxwmN3gNJRBwzF770fImHUfZt0YU3rWKw5Qin7QnlUzW2KPUltnSEq/xB
kIzyWpuj7iAm9wTjH9Vy06sWCmxj1lzTTXlanjPb1jOTaOhbQMpyaAzRgQN8PZiE
YKCarzVj7BJr7/vZYpnQtQDY12UL5n33BEqMP0VNHVqv+ZO3bktfvlwBru5ZJ7Cf
URLsSc0CgYEAyz7FzV7cZYgjfUFD67MIS1HtVk7SX0UiYCsrGy8zA19tkhe3XVpc
CZSwkjzjdEk0zEwiNAtawrDlR1m2kverbhhCHqXUOHwEpujMBjeJCNUVEh3OABr8
vf2WJ6D1IRh8FA5CYLZP7aZ41fcxAnvIPAEThemLQL3C4H5H5NG2WFsCgYEAyHhP
onpS/Eo/OXKYFLR/mvjizRVSomz1lVVL+GWMUYQsmgsPyBJgyAOX3Pqt9catgxhM
DbEr7EWTxth3YeVzamiJPNVK0HvCax9gQ0KkOmtbrfN54zBHOJ+ieYhsieZLMgjx
iu7Ieo6LDGV39HkvekzutZpypiCpKlMaFlCFiLcCgYEAmAgRsEj4Nh665VPvuZzH
ZIgZMAlwBgHR7/v6l7AbybcVYEXLTNJtrGEEH6/aOL8V9ogwwZuIvb/TEidCkfcf
zg/pTcGf2My0MiJLk47xO6EgzNdso9mMG5ZYPraBBsuo7NupvWxCp7NyCiOJDqGH
K5NmhjInjzsjTghIQRq5+qcCgYEAxnm/NjjvslL8F69p/I3cDJ2/RpaG0sMXvbrO
VWaMryQyWGz9OfNgGIbeMu2Jj90dar6ChcfUmb8lGOi2AZl/VGmc/jqaMKFnElHl
J5JyMFicUzPMiG8DBH+gB71W4Iy+BBKwugHBQP2hkytewQ++PtKuP+RjADEz6vCN
0mv0WS8CgYBnbMRP8wIOLJPRMw/iL9BdMf606X4xbmNn9HWVp2mH9D3D51kDFvls
7y2vEaYkFv3XoYgVN9ZHDUbM/YTUozKjcAcvz0syLQb8wRwKeo+XSmo09+360r18
zRugoE7bPl39WdGWaW3td0qf1r9z3sE2iWUTJPRQ3DYpsLOYIgyKmw==
-----END RSA PRIVATE KEY-----
69 changes: 69 additions & 0 deletions conf/cert/two_side_server.crt
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,69 @@
Certificate:
Data:
Version: 1 (0x0)
Serial Number: 64206 (0xface)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=cn, ST=GuangDong, L=ZhuHai, O=api7, OU=ops, CN=ca.apisix.dev
Validity
Not Before: Jun 20 13:14:34 2020 GMT
Not After : Jun 18 13:14:34 2030 GMT
Subject: C=cn, ST=GuangDong, O=api7, L=ZhuHai, CN=admin.apisix.dev
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:9b:45:2a:e1:c9:6e:a7:af:af:bd:46:5c:5e:5f:
72:66:02:78:69:16:fd:f9:69:8e:47:68:0f:8d:35:
92:c4:14:40:5c:cf:57:3d:41:ea:13:7b:f4:de:c8:
ab:e8:62:56:1e:60:61:f6:38:65:5f:30:b5:91:25:
79:07:12:45:ce:24:31:86:1f:2c:a6:cb:1d:8b:4b:
9e:5f:1f:c7:b6:f3:e8:98:ee:b3:70:c7:9e:5d:10:
ce:29:e4:22:68:69:9e:df:ae:f6:bb:11:e8:b8:f1:
07:bf:2d:d5:57:f2:e4:07:8a:da:d2:7b:8a:53:d1:
b4:f4:42:19:9a:14:98:01:3e:23:27:3a:0f:ad:d0:
1d:c5:31:9a:ee:ae:df:7f:fb:2e:34:0b:51:ca:b4:
8c:59:ae:86:5f:95:69:2b:4a:c6:2d:a5:ae:04:46:
7a:93:09:15:72:0a:78:ef:98:7d:00:b5:b4:b2:f2:
e2:a9:2e:04:fb:de:84:ad:da:8e:a3:31:53:3a:d5:
91:cd:77:f5:b8:ea:eb:14:aa:d9:62:d1:12:79:87:
08:27:6d:c1:b9:e3:7d:f1:07:52:3c:a3:34:6a:c1:
96:cf:a2:84:cc:14:50:49:40:0b:38:3c:3b:1e:df:
57:6f:f2:05:35:92:9b:4f:b1:21:0b:f7:62:3a:2d:
83:c7
Exponent: 65537 (0x10001)
Signature Algorithm: sha256WithRSAEncryption
7a:1c:a3:d8:d4:97:5d:91:d2:c8:31:c4:40:ef:f1:38:ac:5c:
b9:74:66:81:94:4f:71:02:38:49:5a:0d:7b:10:17:73:a5:96:
3e:de:0e:a4:75:8c:1b:c7:51:f9:f6:eb:9d:f4:bd:4c:1c:92:
41:d0:16:c6:73:c1:f9:7c:b6:71:7d:16:53:13:fa:70:90:c0:
95:e3:a3:51:30:96:02:f2:32:32:fe:a9:d1:ef:c5:7e:04:58:
ca:20:ef:d0:43:8c:52:8d:52:3a:71:ed:0f:87:4e:8b:c6:28:
51:56:13:fd:71:81:10:cc:2f:2c:aa:8d:6a:93:d7:52:34:08:
23:7b:2b:a7:a4:3e:6b:8f:c3:af:59:b9:1c:b8:d8:6c:a3:88:
c7:bd:b5:e1:eb:6b:6a:f2:7d:a3:89:c6:b0:21:f8:1b:9a:dc:
bf:ef:d6:21:91:7f:65:99:4d:f4:49:24:ab:46:09:a0:c9:a1:
64:14:f4:56:73:ce:1b:22:dd:b7:1f:58:0f:29:ae:6a:6e:41:
6e:b4:5c:90:97:4e:59:4e:cf:e3:a1:89:d1:5a:65:a3:68:2f:
b9:97:82:6f:4c:21:cb:f6:9b:7d:fd:d8:07:70:14:cd:10:fb:
bf:03:70:fa:51:7c:56:4c:1b:a5:87:d3:1b:18:5c:22:87:6f:
04:08:59:53
-----BEGIN CERTIFICATE-----
MIIDOTCCAiECAwD6zjANBgkqhkiG9w0BAQsFADBnMQswCQYDVQQGEwJjbjESMBAG
A1UECAwJR3VhbmdEb25nMQ8wDQYDVQQHDAZaaHVIYWkxDTALBgNVBAoMBGFwaTcx
DDAKBgNVBAsMA29wczEWMBQGA1UEAwwNY2EuYXBpc2l4LmRldjAeFw0yMDA2MjAx
MzE0MzRaFw0zMDA2MTgxMzE0MzRaMFwxCzAJBgNVBAYTAmNuMRIwEAYDVQQIDAlH
dWFuZ0RvbmcxDTALBgNVBAoMBGFwaTcxDzANBgNVBAcMBlpodUhhaTEZMBcGA1UE
AwwQYWRtaW4uYXBpc2l4LmRldjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJtFKuHJbqevr71GXF5fcmYCeGkW/flpjkdoD401ksQUQFzPVz1B6hN79N7I
q+hiVh5gYfY4ZV8wtZEleQcSRc4kMYYfLKbLHYtLnl8fx7bz6Jjus3DHnl0Qzink
Imhpnt+u9rsR6LjxB78t1Vfy5AeK2tJ7ilPRtPRCGZoUmAE+Iyc6D63QHcUxmu6u
33/7LjQLUcq0jFmuhl+VaStKxi2lrgRGepMJFXIKeO+YfQC1tLLy4qkuBPvehK3a
jqMxUzrVkc139bjq6xSq2WLREnmHCCdtwbnjffEHUjyjNGrBls+ihMwUUElACzg8
Ox7fV2/yBTWSm0+xIQv3Yjotg8cCAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAehyj
2NSXXZHSyDHEQO/xOKxcuXRmgZRPcQI4SVoNexAXc6WWPt4OpHWMG8dR+fbrnfS9
TBySQdAWxnPB+Xy2cX0WUxP6cJDAleOjUTCWAvIyMv6p0e/FfgRYyiDv0EOMUo1S
OnHtD4dOi8YoUVYT/XGBEMwvLKqNapPXUjQII3srp6Q+a4/Dr1m5HLjYbKOIx721
4etravJ9o4nGsCH4G5rcv+/WIZF/ZZlN9Ekkq0YJoMmhZBT0VnPOGyLdtx9YDymu
am5BbrRckJdOWU7P46GJ0Vplo2gvuZeCb0why/abff3YB3AUzRD7vwNw+lF8Vkwb
pYfTGxhcIodvBAhZUw==
-----END CERTIFICATE-----
27 changes: 27 additions & 0 deletions conf/cert/two_side_server.key
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,27 @@
-----BEGIN RSA PRIVATE KEY-----
nic-chen marked this conversation as resolved.
Show resolved Hide resolved
MIIEowIBAAKCAQEAm0Uq4clup6+vvUZcXl9yZgJ4aRb9+WmOR2gPjTWSxBRAXM9X
PUHqE3v03sir6GJWHmBh9jhlXzC1kSV5BxJFziQxhh8spssdi0ueXx/HtvPomO6z
cMeeXRDOKeQiaGme3672uxHouPEHvy3VV/LkB4ra0nuKU9G09EIZmhSYAT4jJzoP
rdAdxTGa7q7ff/suNAtRyrSMWa6GX5VpK0rGLaWuBEZ6kwkVcgp475h9ALW0svLi
qS4E+96ErdqOozFTOtWRzXf1uOrrFKrZYtESeYcIJ23BueN98QdSPKM0asGWz6KE
zBRQSUALODw7Ht9Xb/IFNZKbT7EhC/diOi2DxwIDAQABAoIBAC3NJW0dAissw+ZN
Twn3lcNJj0NQqPJdlL6zj4LT/ssgPiwibVWAkA/XTNA62ZrfBxBG1h7PW/fMYoLC
TwUq+rRoMMOjhoRc/gYM9FaTBVKOeFpEb2IhQDGrt2TcCtpJ7beF4PolukRztRlL
59bdqy4eY5YbIx6+iWZT6UFuObiDqi7i4SLWEgK+/P4Uk8/SmhVqIWcj1m3SPK6I
YbzsgXiT64fNd7/O06ISKia1UzvUCtH7tbxWxCvsqw+PqQT+YuEmNY1pOQGYp0dU
4ndzvrP0Ajuu3xH7aYP/Kilkz69PPMLygwNey4HRIAuUqw/HBfTR0/ccRSuhrYxb
9QaOP0ECgYEAyuqLo/tjWrFiJnDbhK3z2qcydktFS58da2QitSRYlQ6AQXjZ3+v7
buL1QV59aXzIGTZz3gjO+omdpfIagBI47YnWIUtj+NylNROWv+aZXQwgC7ayQWTg
eBu8L2YXBvAR9TgHhqj3Fl4YcuipVE3XFVjjvLjrbE1nssMmaJqi95kCgYEAw+O7
Zdj/NedbI2GtnZv31YlLmrMdtmeAmU2x8eC5v30Kx3GCU9DdZzImsaYxxjfSL+6c
eP/DF8JHWIGo9GQPcMSijHsaNMIwgv6+5rx+Lp/zsjwRApJsVQeoff2ZdWjnFsi3
rRHE8QZfWMqcnOsr4io7xfVd3t4tV22BBrnt8l8CgYEAncU3xcxUN9PryI+/Xq4S
CFQvvCJSQrX4neNByS31Yg/gUQex/5Tv7guxPZ5GTJqkylW4SU73/3y4gqp3SFTi
xm6Be2mu1XRZT6dnctXNMLeYwwLOHmJc1YZbD0+FX/ORQuTJlT4Sv+VxhQa5gb70
GLkAeWAeTBrzId7yIir5wyECgYAw2iJqC+vZrZD1Ce8aV0M/ZbYNJo5KZxWTJeUy
xTCNqMl/Y7d036nXipJLy36uSE2K1p7/LgmhazoPwIY6LJoNLXy8PBcVATjH8m/5
axis2AcWdBRp58pMilRi11PmC/tVm0jzSHMtCMHOivjzyVJwXMf7Xm3CnvX/z7dV
zhihUQKBgHWtWfNk/svgLp6w8T6aMgyAb9ud5pX/CbNZhGNRqhPhJkss1tFr6/Mv
bJiZoEP3C0sDdA1JRuMkXm5EE60xyhzCNmv5H0cQ3C2Y9Q9ly89ggwIXNiNfKWpP
VrdvXQ3NkP/RaDy83B9dN2Jb6lUpcNQnB5Q5yAlsYaYgsGBedcvc
-----END RSA PRIVATE KEY-----
Loading