diff --git a/internal/services/firewall/firewall_policy_resource_test.go b/internal/services/firewall/firewall_policy_resource_test.go index 944183d7e78e..5c5adafe7012 100644 --- a/internal/services/firewall/firewall_policy_resource_test.go +++ b/internal/services/firewall/firewall_policy_resource_test.go @@ -470,7 +470,7 @@ resource "azurerm_key_vault_certificate" "test" { key_vault_id = azurerm_key_vault.test.id certificate { - contents = filebase64("testdata/cert_key.pem") + contents = filebase64("testdata/certificate.pfx") } certificate_policy { @@ -482,32 +482,11 @@ resource "azurerm_key_vault_certificate" "test" { exportable = true key_size = 2048 key_type = "RSA" - reuse_key = true + reuse_key = false } secret_properties { - content_type = "application/x-pem-file" - } - - x509_certificate_properties { - # Server Authentication = 1.3.6.1.5.5.7.3.1 - # Client Authentication = 1.3.6.1.5.5.7.3.2 - extended_key_usage = ["1.3.6.1.5.5.7.3.1"] - key_usage = [ - "cRLSign", - "dataEncipherment", - "digitalSignature", - "keyAgreement", - "keyCertSign", - "keyEncipherment", - ] - - subject_alternative_names { - dns_names = ["api.pluginsdk.io"] - } - - subject = "CN=api.pluginsdk.io" - validity_in_months = 1 + content_type = "application/x-pkcs12" } } diff --git a/internal/services/firewall/testdata/HOWTO.md b/internal/services/firewall/testdata/HOWTO.md index 5f2a6218a43d..0ec5e949e0f9 100644 --- a/internal/services/firewall/testdata/HOWTO.md +++ b/internal/services/firewall/testdata/HOWTO.md @@ -1,4 +1,11 @@ -# How Key and Certificate was generated +# How Certificates were generated + +## How Key and Certificate was generated ```bash openssl req -newkey rsa:2048 -new -nodes -x509 -days 3650 -keyout key.pem -out cert.pem +``` + +## How PFX was generated from above Key and Certificate +```bash +openssl pkcs12 -export -out certificate.pfx -inkey key.pem -in cert.pem ``` \ No newline at end of file diff --git a/internal/services/firewall/testdata/cert_key.pem b/internal/services/firewall/testdata/cert_key.pem deleted file mode 100644 index d31bc9cac810..000000000000 --- a/internal/services/firewall/testdata/cert_key.pem +++ /dev/null @@ -1,50 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDkjCCAnoCCQDY1A4aUvTZ0TANBgkqhkiG9w0BAQsFADCBijELMAkGA1UEBhMC -Q0gxCzAJBgNVBAgMAlpIMQswCQYDVQQHDAJaSDESMBAGA1UECgwJVGVycmFmb3Jt -MQ4wDAYDVQQLDAVBenVyZTEYMBYGA1UEAwwPd3d3LmNvbnRvc28uY29tMSMwIQYJ -KoZIhvcNAQkBFhR3aGF0ZXZlckBjb250b3NvLmNvbTAeFw0yMTA0MjIxOTU4MTBa -Fw0zMTA0MjAxOTU4MTBaMIGKMQswCQYDVQQGEwJDSDELMAkGA1UECAwCWkgxCzAJ -BgNVBAcMAlpIMRIwEAYDVQQKDAlUZXJyYWZvcm0xDjAMBgNVBAsMBUF6dXJlMRgw -FgYDVQQDDA93d3cuY29udG9zby5jb20xIzAhBgkqhkiG9w0BCQEWFHdoYXRldmVy -QGNvbnRvc28uY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5rx3 -fTN0UUV1ktetzM2AEIJ4ZKQlibrLtVORPX2LQp2Vl/n74DPD2Re/ZgO2NtjhjItY -O65ZSqOgGz3R8ED4r12AokLCFmqhBnnr4IybeaQos7prjLKwSIyj5NbVMGuzNO6P -55W1zTMfV+CstbCtXtRPa7zizXjYbT3dfpw8FgJLh9sVWaiCO34Nu9PWF9NRIlzI -e/Ek3ss/JnNqskH+xnxgxq68slaZa4qojBjiLl/IdIs4A9DtyJnFd99xuh8nShMg -4ykccPr9/+YBaz8/Ef7/zmXj3g9DLTrIa7JV6s80V5oVINaF7KXu9jmjD+a03SsR -/8eKX6K+xDBtqxpz8wIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQAOGe2knCVxje06 -ihfhzprg7lTM7GCgiXqa4fdCVwq0hJAYpMg29F7Df3OE/zVD/mzdRWZe2yVTY47f -YFEfDKMmkGepgqICs0wTfhBSham8vkk2yDcoT01Lar+Im3GToP3JSM5YFbqxam0R -/AVskE5aHQ+tIGUwcuwWhjjKQuWua59tI0USjgGaK3cZ5tyFOQPcE3ZFzndWM3Rz -ojNHH5UJOT7zt4RebBzGRpcNdrbkOtVkRVZIwH0wJfm44zR+L36UhpXUd8XGKvua -KFlqJhw/8UtYzXXX5bwHb/JTkOLUbs8gobG23lFhxXG5QhqtwqYnHXRw9Jhclv8p -weEgmhnj ------END CERTIFICATE----- ------BEGIN PRIVATE KEY----- -MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDmvHd9M3RRRXWS -163MzYAQgnhkpCWJusu1U5E9fYtCnZWX+fvgM8PZF79mA7Y22OGMi1g7rllKo6Ab -PdHwQPivXYCiQsIWaqEGeevgjJt5pCizumuMsrBIjKPk1tUwa7M07o/nlbXNMx9X -4Ky1sK1e1E9rvOLNeNhtPd1+nDwWAkuH2xVZqII7fg2709YX01EiXMh78STeyz8m -c2qyQf7GfGDGrryyVplriqiMGOIuX8h0izgD0O3ImcV333G6HydKEyDjKRxw+v3/ -5gFrPz8R/v/OZePeD0MtOshrslXqzzRXmhUg1oXspe72OaMP5rTdKxH/x4pfor7E -MG2rGnPzAgMBAAECggEAAXJvIWbgNN5FpX0axu0G/5OB48evwJReUK3MfGE8LVfF -p2VW8goBEWx3s9EUJHXpvDLng8BNKQ2rpGAX3/TYWmkwtFPM2c0jY2ICW68mDnY8 -Fxx1LjW0q0/Oe1HpllsmjY9tcZtbv4SxjqCHFMCd5blZIijWF0nJua2opPGf4tdv -yvN/D9HYPdRlynj6SjUij0rR2PFN134LLaKhRrAsaeKHqSk+Pngxt6HStRLPSnN+ -dqk+6rA0fJ97YXeiNRjYfRbJEMOedJFW5wavddIXkNzI/3iwrDc5P0A+9X+SbIGm -6BlKNy6EbFtEsbsbdcefZaVuaRXEVNsiRXBoUHjkYQKBgQD7yZWZDPr0JWtL+Mav -dewbQUd8xVMzAc9r2mjRCNJi5qanQRDNIDhkYkNVrpBnsKpCe8cDRb3SaawTqYEv -ASCPGOU92ooQ1AMKMwETaCsrSDAEwpS6NdCSuYZbu6yGqWc8/v4Oi8ZAv10I1TJP -2WaG2PkvfOpsvXs8ixQWZ4f5QwKBgQDqmLgV86pnDFUEfW8W8f0n6PG0gPSofcF7 -DKDEcRj3ZmkBWDUKiICBInrPgQaxw5rLA4lL1GwRgxMQg51fit52mQcsMK56/aQx -3BmSIoA3Uf+mzHp+bSL+o1vYmoOtklUF09DGIf+y4XyQy9GjojSzxCVkXqBwFldj -9+jL0NXXkQKBgECyo8YYF8P0eYWj/ynG20yFkaD181L//BRyosxTv/u52MjRZ0fO -J69jsHmryV9bfeRnedPVb9lJXfYPcCpr17ntY7ppFWENmVpdkMEz2yPcALq4ZQ8U -FOwez+9yYfqYPPbnbtC+CctJYNaMMcliy32K8zzIlFQsvCXqdtbq832RAoGAAtPw -dCNJzJAzfihc7HPiT1bZgwmC6X0Klgci8PtEB8duQJvll8jpc6UMwe+WOxJWjVfv -kcBvxQ5Fbo+HmB0+bUOO+JNlpwnjrs4uaLqNvRz57fLNDzUVlOg3NTc3myIGcFmL -TLggMvHQ5JXwYv6TkA8vPDR/zpoWV5gncD2GNmECgYEA8e9f30xeVtce5eUebRkB -bNCxi1sApTIPq8CXRN5JzX5plFj7K1HUlgqQsIxpdWJhi8G7DMj8C4/K7V+PjCTo -dU1ulbuFWwrIuSS3W6S1gh+eBhODfU80iO6SvSbGLiq11iRrQL/xMsCLgOExZE5d -BXgz1uzIrvJt5jmZh6bPSYc= ------END PRIVATE KEY----- diff --git a/internal/services/firewall/testdata/certificate.pfx b/internal/services/firewall/testdata/certificate.pfx new file mode 100644 index 000000000000..cbf0f300daeb Binary files /dev/null and b/internal/services/firewall/testdata/certificate.pfx differ