diff --git a/packages/osd-dev-utils/certs/ca.crt b/packages/osd-dev-utils/certs/ca.crt index 0fc61d440091..948293da120c 100644 --- a/packages/osd-dev-utils/certs/ca.crt +++ b/packages/osd-dev-utils/certs/ca.crt @@ -8,22 +8,4 @@ Bag Attributes subject=/CN=OpenSearch Certificate Tool Autogenerated CA issuer=/CN=OpenSearch Certificate Tool Autogenerated CA -----BEGIN CERTIFICATE----- -MIIDSzCCAjOgAwIBAgIUW0brhEtYK3tUBYlXnUa+AMmAX6kwDQYJKoZIhvcNAQEL -BQAwNDEyMDAGA1UEAxMpRWxhc3RpYyBDZXJ0aWZpY2F0ZSBUb29sIEF1dG9nZW5l -cmF0ZWQgQ0EwIBcNMTkxMjI3MTcwMjMyWhgPMjA2OTEyMTQxNzAyMzJaMDQxMjAw -BgNVBAMTKUVsYXN0aWMgQ2VydGlmaWNhdGUgVG9vbCBBdXRvZ2VuZXJhdGVkIENB -MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAplO5m5Xy8xERyA0/G5SM -Nu2QXkfS+m7ZTFjSmtwqX7BI1I6ISI4Yw8QxzcIgSbEGlSqb7baeT+A/1JQj0gZN -KOnKbazl+ujVRJpsfpt5iUsnQyVPheGekcHkB+9WkZPgZ1oGRENr/4Eb1VImQf+Y -yo/FUj8X939tYW0fficAqYKv8/4NWpBUbeop8wsBtkz738QKlmPkMwC4FbuF2/bN -vNuzQuRbGMVmPeyivZJRfDAMKExoXjCCLmbShdg4dUHsUjVeWQZ6s4vbims+8qF9 -b4bseayScQNNU3hc5mkfhEhSM0KB0lDpSvoCxuXvXzb6bOk7xIdYo+O4vHUhvSkQ -mwIDAQABo1MwUTAdBgNVHQ4EFgQUGu0mDnvDRnBdNBG8DxwPdWArB0kwHwYDVR0j -BBgwFoAUGu0mDnvDRnBdNBG8DxwPdWArB0kwDwYDVR0TAQH/BAUwAwEB/zANBgkq -hkiG9w0BAQsFAAOCAQEASv/FYOwWGnQreH8ulcVupGeZj25dIjZiuKfJmslH8QN/ -pVCIzAxNZjGjCpKxbJoCu5U9USaBylbhigeBJEq4wmYTs/WPu4uYMgDj0MILuHin -RQqgEVG0uADGEgH2nnk8DeY8gQvGpJRQGlXNK8pb+pCsy6F8k/svGOeBND9osHfU -CVEo5nXjfq6JCFt6hPx7kl4h3/j3C4wNy/Dv/QINdpPsl6CnF17Q9R9d60WFv42/ -pkl7W1hszCG9foNJOJabuWfVoPkvKQjoCvPitZt/hCaFZAW49PmAVhK+DAohQ91l -TZhDmYqHoXNiRDQiUT68OS7RlfKgNpr/vMTZXDxpmw== -----END CERTIFICATE----- diff --git a/packages/osd-dev-utils/certs/opensearch.p12 b/packages/osd-dev-utils/certs/opensearch.p12 index 02a9183cd8a5..e69de29bb2d1 100644 Binary files a/packages/osd-dev-utils/certs/opensearch.p12 and b/packages/osd-dev-utils/certs/opensearch.p12 differ diff --git a/packages/osd-dev-utils/certs/opensearch_dashboards.p12 b/packages/osd-dev-utils/certs/opensearch_dashboards.p12 index 06bbd2388129..e69de29bb2d1 100644 Binary files a/packages/osd-dev-utils/certs/opensearch_dashboards.p12 and b/packages/osd-dev-utils/certs/opensearch_dashboards.p12 differ diff --git a/packages/osd-dev-utils/certs/opensearch_emptypassword.p12 b/packages/osd-dev-utils/certs/opensearch_emptypassword.p12 index 3162982ac635..e69de29bb2d1 100644 Binary files a/packages/osd-dev-utils/certs/opensearch_emptypassword.p12 and b/packages/osd-dev-utils/certs/opensearch_emptypassword.p12 differ diff --git a/packages/osd-dev-utils/certs/opensearch_nopassword.p12 b/packages/osd-dev-utils/certs/opensearch_nopassword.p12 index 3a22a58d207d..e69de29bb2d1 100644 Binary files a/packages/osd-dev-utils/certs/opensearch_nopassword.p12 and b/packages/osd-dev-utils/certs/opensearch_nopassword.p12 differ diff --git a/packages/osd-opensearch/src/integration_tests/cluster.test.js b/packages/osd-opensearch/src/integration_tests/cluster.test.js index b93ac0177d91..9bbcd0b27704 100644 --- a/packages/osd-opensearch/src/integration_tests/cluster.test.js +++ b/packages/osd-opensearch/src/integration_tests/cluster.test.js @@ -265,7 +265,8 @@ describe('#start(installPath)', () => { await expect(cluster.start()).rejects.toThrowError('OpenSearch has already been started'); }); - it('sets up SSL when enabled', async () => { + // TODO: [RENAMEME] REPLACE PKCS12 FILES, CERTS, AND KEYS. Temporarily removed until we regenerate them ourselves. + it.skip('sets up SSL when enabled', async () => { mockOpenSearchBin({ start: true, ssl: true }); const cluster = new Cluster({ log, ssl: true }); diff --git a/src/core/server/utils/crypto/__fixtures__/README.md b/src/core/server/utils/crypto/__fixtures__/README.md index 629d83a2fc96..d6343e47d942 100644 --- a/src/core/server/utils/crypto/__fixtures__/README.md +++ b/src/core/server/utils/crypto/__fixtures__/README.md @@ -1,5 +1,10 @@ # PKCS12 Test Fixtures +```shell +TODO: REPLACE PKCS12 FILES, CERTS, AND KEYS. +Temporarily removed until we regenerate them ourselves. +``` + These PKCS12 files are used to test different scenarios. Each has an empty password. Including `-noiter` uses a single encryption iteration, and `-nomaciter` uses a single MAC verification iteration. diff --git a/src/core/server/utils/crypto/pkcs12.test.ts b/src/core/server/utils/crypto/pkcs12.test.ts index e019e06d82b0..3bcd021f5d74 100644 --- a/src/core/server/utils/crypto/pkcs12.test.ts +++ b/src/core/server/utils/crypto/pkcs12.test.ts @@ -66,7 +66,8 @@ beforeAll(() => { pemKey = readPem(OPENSEARCH_KEY_PATH); }); -describe('#readPkcs12Keystore', () => { +// TODO: [RENAMEME] REPLACE PKCS12 FILES, CERTS, AND KEYS. Temporarily removed until we regenerate them ourselves. +describe.skip('#readPkcs12Keystore', () => { const expectKey = (pkcs12ReadResult: Pkcs12ReadResult) => { const result = reformatPem(pkcs12ReadResult.key!); expect(result).toEqual(pemKey); @@ -209,7 +210,8 @@ describe('#readPkcs12Keystore', () => { }); }); -describe('#readPkcs12Truststore', () => { +// TODO: [RENAMEME] REPLACE PKCS12 FILES, CERTS, AND KEYS. Temporarily removed until we regenerate them ourselves. +describe.skip('#readPkcs12Truststore', () => { it('reads all certificates into one CA array and discards any certificates that have keys', () => { const ca = readPkcs12Truststore(OPENSEARCH_P12_PATH, OPENSEARCH_P12_PASSWORD); const result = ca?.map((x) => reformatPem(x));