tests: include loopback address in alternative names when generating …

…certs for localhost Signed-off-by: Reuben Miller <reuben.d.miller@gmail.com>
thin-edge · Jun 19, 2024 · 05ca442 · 05ca442
1 parent bc7a9bc
commit 05ca442
Show file tree

Hide file tree

Showing 4 changed files with 6 additions and 6 deletions.
diff --git a/crates/common/axum_tls/test_data/_regenerate_certs.sh b/crates/common/axum_tls/test_data/_regenerate_certs.sh
@@ -6,7 +6,7 @@
 days=365000
 args=("-days" "$days" "-noenc" \
         -subj "/CN=localhost" \
-        -addext "subjectAltName=DNS:localhost,DNS:*.localhost" \
+        -addext "subjectAltName=DNS:localhost,DNS:*.localhost,IP:127.0.0.1" \
         -addext "basicConstraints=critical,CA:false")
 
 set -eux

diff --git a/tests/RobotFramework/tests/cumulocity/configuration/generate_certificates.sh b/tests/RobotFramework/tests/cumulocity/configuration/generate_certificates.sh
@@ -30,7 +30,7 @@ authorityKeyIdentifier=keyid
 basicConstraints=CA:FALSE
 keyUsage = digitalSignature, keyAgreement
 extendedKeyUsage = serverAuth, clientAuth
-subjectAltName=DNS:localhost,IP:$C8Y_PROXY_COMMON_NAME
+subjectAltName=DNS:localhost,IP:$C8Y_PROXY_COMMON_NAME,IP:127.0.0.1
 EOF
 
 openssl x509 -req \
@@ -49,7 +49,7 @@ authorityKeyIdentifier=keyid
 basicConstraints=CA:FALSE
 keyUsage = digitalSignature, keyAgreement
 extendedKeyUsage = serverAuth, clientAuth
-subjectAltName=DNS:localhost,IP:$FTS_COMMON_NAME
+subjectAltName=DNS:localhost,IP:$FTS_COMMON_NAME,IP:127.0.0.1
 EOF
 
 openssl genrsa -out main-agent.key 2048

diff --git a/tests/RobotFramework/tests/mqtt/gen_certs.sh b/tests/RobotFramework/tests/mqtt/gen_certs.sh
@@ -21,7 +21,7 @@ cat > v3.ext << EOF
 authorityKeyIdentifier=keyid
 basicConstraints=CA:FALSE
 keyUsage = digitalSignature, keyAgreement
-subjectAltName=DNS:$(hostname),DNS:localhost
+subjectAltName=DNS:$(hostname),DNS:localhost,IP:127.0.0.1
 EOF
 
 openssl x509 -req \

diff --git a/tests/images/debian-systemd/files/bootstrap.sh b/tests/images/debian-systemd/files/bootstrap.sh
@@ -695,7 +695,7 @@ gen_certs() {
     authorityKeyIdentifier=keyid
     basicConstraints=CA:FALSE
     keyUsage = digitalSignature, keyAgreement
-    subjectAltName=DNS:$(hostname), DNS:localhost
+    subjectAltName=DNS:$(hostname), DNS:localhost, IP:127.0.0.1
 EOF
 
     openssl x509 -req \
@@ -774,7 +774,7 @@ authorityKeyIdentifier=keyid
 basicConstraints=CA:FALSE
 keyUsage = digitalSignature, keyAgreement
 extendedKeyUsage = serverAuth, clientAuth
-subjectAltName=DNS:${CN},DNS:localhost
+subjectAltName=DNS:${CN},DNS:localhost,IP:127.0.0.1
 EOF
     )