Changes to the httptester docker image to support new client cert functionality in tests (#19912)

* Fix Dockerfile * Add changes to docker image to support new client cert functionality * Update repo:tag for docker
2026-05-07 13:52:54 +00:00 · 2017-01-04 23:07:13 -06:00
parent 1c16c1db2b
commit 9048cf2758
5 changed files with 46 additions and 6 deletions
--- a/test/utils/docker/httptester/httptester.yml
+++ b/test/utils/docker/httptester/httptester.yml
@@ -102,10 +102,29 @@
      shell: >
        yes | openssl ca -config /etc/ssl/openssl.cnf -out /root/ca/sni2.ansible.http.tests-cert.pem -infiles /root/ca/sni2.ansible.http.tests-req.pem

+    - name: Generate client key
+      command: >
+        openssl req -new -nodes -out /root/ca/client.ansible.http.tests-req.pem -keyout /root/ca/private/client.ansible.http.tests-key.pem -config /etc/ssl/openssl.cnf
+          -subj "/C=US/ST=North Carolina/L=Durham/O=Ansible/CN=client.ansible.http.tests"
+
+    - name: Generate client.ansible.http.tests cert
+      shell: >
+        yes | openssl ca -config /etc/ssl/openssl.cnf -out /root/ca/client.ansible.http.tests-cert.pem -infiles /root/ca/client.ansible.http.tests-req.pem
+
    - name: Copy cacert.pem into nginx doc root for easy retrieval
      copy:
-        src: /root/ca/cacert.pem
-        dest: /usr/share/nginx/html/cacert.pem
+        src: "/root/ca/cacert.pem"
+        dest: "/usr/share/nginx/html/cacert.pem"
+        remote_src: true
+
+    - copy:
+        src: /root/ca/client.ansible.http.tests-cert.pem
+        dest: /usr/share/nginx/html/client.pem
+        remote_src: true
+
+    - copy:
+        src: /root/ca/private/client.ansible.http.tests-key.pem
+        dest: /usr/share/nginx/html/client.key
        remote_src: true

    - name: Install gunicorn and httpbin