From a783b8a27139848119f289370d6491e3ab73f4e3 Mon Sep 17 00:00:00 2001 From: Christoph Zwerschke Date: Wed, 8 Nov 2023 11:22:55 +0000 Subject: [PATCH] Rename certificates to make more sense --- .devcontainer/docker-compose.yml | 4 ++-- .devcontainer/kafka_secrets/create_secrets.sh | 7 +++---- 2 files changed, 5 insertions(+), 6 deletions(-) diff --git a/.devcontainer/docker-compose.yml b/.devcontainer/docker-compose.yml index fc97ba8f..3ed35b62 100644 --- a/.devcontainer/docker-compose.yml +++ b/.devcontainer/docker-compose.yml @@ -43,10 +43,10 @@ services: KAFKA_ADVERTISED_LISTENERS: PLAINTEXT://localhost:9092,SSL://localhost:19092 KAFKA_INTER_BROKER_LISTENER_NAME: PLAINTEXT KAFKA_DELETE_TOPIC_ENABLE: "true" - KAFKA_SSL_KEYSTORE_FILENAME: kafka.keystore.jks + KAFKA_SSL_KEYSTORE_FILENAME: broker.keystore.jks KAFKA_SSL_KEYSTORE_CREDENTIALS: pwd.txt KAFKA_SSL_KEY_CREDENTIALS: pwd.txt - KAFKA_SSL_TRUSTSTORE_FILENAME: kafka.truststore.jks + KAFKA_SSL_TRUSTSTORE_FILENAME: broker.truststore.jks KAFKA_SSL_TRUSTSTORE_CREDENTIALS: pwd.txt KAFKA_SSL_ENDPOINT_IDENTIFICATION_ALGORITHM: " " KAFKA_SSL_CLIENT_AUTH: required diff --git a/.devcontainer/kafka_secrets/create_secrets.sh b/.devcontainer/kafka_secrets/create_secrets.sh index 2a93d1e6..c870c7db 100755 --- a/.devcontainer/kafka_secrets/create_secrets.sh +++ b/.devcontainer/kafka_secrets/create_secrets.sh @@ -29,15 +29,14 @@ rm -f *.crt *.csr *.key *.srl *.jks *.p12 pw=testpw echo $pw > pwd.txt -# generate CA key +echo "Generate a CA key..." openssl req -new -x509 -keyout ca.key -out ca.crt -days 9999 \ -subj '/CN=ca.test.ghga.dev/OU=TEST/O=GHGA' \ -passin pass:$pw -passout pass:$pw -for component in kafka client +for component in broker client do echo "Create keystore for Kafka $component..." - # create keystore keytool -genkey -noprompt -alias $component \ -dname "CN=localhost, OU=TEST, O=GHGA" \ -keystore $component.keystore.jks \ @@ -69,4 +68,4 @@ keytool -importkeystore -srckeystore client.keystore.jks -srcalias client \ openssl pkcs12 -in client.keystore.p12 -nocerts -out client.key \ -passin pass:$pw -passout pass:$pw -rm -f kafka.crt kafka.key ca.key *.csr *.p12 *.srl +rm -f broker.crt broker.key ca.key *.csr *.p12 *.srl