Skip to content

Commit 6160308

Browse files
rusherrusher
committed
[misc] add ssl
1 parent 9235ac3 commit 6160308

File tree

2 files changed

+38
-3
lines changed

2 files changed

+38
-3
lines changed

.github/workflows/ci.yml

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -95,6 +95,7 @@ jobs:
9595
env:
9696
LOCAL_DB: ${{ steps.mariadb-install.outputs.database-type }}
9797
DB_TYPE: ${{ matrix.db-type }}
98+
TEST_DB_SERVER_CERT: "./.github/workflows/certs/server.crt"
9899

99100
- name: Download Codecov uploader
100101
shell: bash

.github/workflows/generate-certs.sh

Lines changed: 37 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,8 @@
11
#!/bin/bash
22

3+
# // SPDX-License-Identifier: LGPL-2.1-or-later
4+
# // Copyright (c) 2015-2025 MariaDB Corporation Ab
5+
36
# Script to generate self-signed certificates for testing
47
# CN: mariadb.example.com
58

@@ -13,16 +16,47 @@ mkdir -p certs
1316
echo "Generate CA private key"
1417
openssl genrsa 2048 > certs/ca.key
1518

19+
echo "[ req ]" > certs/ca.conf
20+
echo "prompt = no" > certs/ca.conf
21+
echo "distinguished_name = req_distinguished_name" > certs/ca.conf
22+
echo "[ req_distinguished_name ]" > certs/ca.conf
23+
echo "countryName = FR" > certs/ca.conf
24+
echo "stateOrProvinceName = Loire-atlantique" > certs/ca.conf
25+
echo "localityName = Nantes" > certs/ca.conf
26+
echo "organizationName = Home" > certs/ca.conf
27+
echo "organizationalUnitName = Lab" > certs/ca.conf
28+
echo "commonName = mariadb.example.com" > certs/ca.conf
29+
echo "emailAddress = admin@mariadb.example.com" > certs/ca.conf
30+
1631
echo "Generate CA certificate (self-signed)"
17-
openssl req -days 365 -new -x509 -nodes -key certs/ca.key -out certs/ca.crt -subj "/C=US/ST=Test/L=Test/O=Test/CN=mariadb.example.com"
32+
openssl req -days 365 -new -x509 -nodes -key certs/ca.key -out certs/ca.crt --config ca.conf
33+
34+
35+
36+
echo "[ req ]" > certs/server.conf
37+
echo "prompt = no" >> certs/server.conf
38+
echo "distinguished_name = req_distinguished_name" >> certs/server.conf
39+
echo "req_extensions = req_ext" >> certs/server.conf
40+
echo "" >> certs/server.conf
41+
echo "[ req_distinguished_name ]" >> certs/server.conf
42+
echo "countryName = FR" >> certs/server.conf
43+
echo "stateOrProvinceName = Normandie" >> certs/server.conf
44+
echo "localityName = Caen" >> certs/server.conf
45+
echo "organizationName = Home" >> certs/server.conf
46+
echo "organizationalUnitName = Lab" >> certs/server.conf
47+
echo "commonName = mariadb.example.com" >> certs/server.conf
48+
echo "emailAddress = admin@mariadb.example.com" >> certs/server.conf
49+
echo "" >> certs/server.conf
50+
echo "[ req_ext ]" >> certs/server.conf
51+
echo "subjectAltName = DNS: mariadb.example.com, IP: 127.0.0.1" >> certs/server.conf
1852

1953

2054
echo "Generating private key..."
21-
openssl req -newkey rsa:2048 -nodes -keyout certs/server.key -out certs/server.csr
55+
openssl req -newkey rsa:2048 -nodes -keyout certs/server.key -out certs/server.csr --config server.conf
2256

2357

2458
echo "Generate the certificate for the server:"
25-
openssl x509 -req -days 365 -in server.csr -out certs/server.crt -CA certs/ca.crt -CAkey certs/ca.key -extensions req_ext -subj "/C=US/ST=Test/L=Test/O=Test/CN=mariadb.example.com"
59+
openssl x509 -req -days 365 -in server.csr -out certs/server.crt -CA certs/ca.crt -CAkey certs/ca.key -extensions req_ext -extfile server.conf
2660

2761
# Set appropriate permissions
2862
chmod 600 certs/ca.key certs/server.key

0 commit comments

Comments
 (0)