Comments (6)
bbyars
commented on May 29, 2024
1
Done!
…On Wed, Jul 5, 2023 at 2:33 AM MakersAll8 ***@***.***> wrote:
@bbyars <https://github.com/bbyars> will you please consider merging
this? It would make upgrading images to node 18 a bit smoother.
—
Reply to this email directly, view it on GitHub
<#731 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AAARFPYOVFPTB52DOTNOEO3XOUKFTANCNFSM6AAAAAAYW6CJGE>
.
You are receiving this because you were mentioned.Message ID:
***@***.***>
from mountebank.
MakersAll8
commented on May 29, 2024
I was able to resolve this by adding the two lines in the imposter.ejs file.
"cert": "-----BEGIN CERTIFICATE-----<self signed certificate>-----END CERTIFICATE-----",
"key": "-----BEGIN RSA PRIVATE KEY-----<private key content>-----END RSA PRIVATE KEY-----",
My cert and key were generated on a ubuntu image following the following steps
create a Dockerfile
FROM ubuntu:20.04
USER root
RUN apt update
RUN apt install openssh-server -y
WORKDIR /home/ubuntu/key
in host terminal build the image and tag it as generate_key
docker build -t generate_key --rm .
spin up a container based on the image
docker run --rm -v $PWD/key:/home/ubuntu/key -it --entrypoint /bin/bash generate_key
run the following command in the container CLI
export ROOT_CA_PASSWORD=$(echo $RANDOM | md5sum | head -c 30) && \
openssl genrsa -des3 -passout pass:$ROOT_CA_PASSWORD -out developmentCA.key 2048 && \
openssl req -x509 -new -nodes -key developmentCA.key -sha256 -days 825 -out developmentCA.crt \
-subj "/C=AU/ST=Victoria/L=Melbourne/O=CompanyName/OU=DepartmentName/CN=DevelopmentCA" \
-passin pass:$ROOT_CA_PASSWORD && \
openssl genrsa -out localhost.key 2048 && \
openssl req -new -sha256 -key localhost.key \
-subj "/C=AU/ST=Victoria/L=Melbourne/O=CompanyName/OU=DepartmentName/CN=localhost:2525" \
-addext "subjectAltName=DNS:localhost:2525" -out localhost.csr && openssl x509 \
-req -in localhost.csr -CA developmentCA.crt -extensions SAN \
-extfile <(cat /etc/ssl/openssl.cnf <(printf "\n[SAN]\nsubjectAltName=DNS:localhost:2525")) \
-CAkey developmentCA.key -CAcreateserial -out localhost.crt -days 825 -sha256 \
-passin pass:$ROOT_CA_PASSWORD && \
openssl x509 -in localhost.crt -text -noout
In your key folder on host machine where you created the Dockerfile above, you should have a bunch of private keys, public keys, certificate signing request, etc. Only localhost.key and localhost.crt are of interests to us, the rest were created to eventually get the self-signed certificate localhost.crt.
Copy localhost.key into the key field in the imposters.ejs file, and localhost.crt into cert.
I would raise a PR to change the default key and cert values in moutebank, but would like to ask whether I should just set the -days value to a ridiculously large number like 3650 days to make the cert valid for 10 years?
from mountebank.
bbyars
commented on May 29, 2024
Hi there,
Thanks for the update, and offer to add a PR. Yes, I believe for the built-in key, security is less the point than convenience of mock setup, so I would set it for 10 years.
from mountebank.
MakersAll8
commented on May 29, 2024
from mountebank.
MakersAll8
commented on May 29, 2024
@bbyars will you please consider merging this? It would make upgrading images to node 18 a bit smoother.
from mountebank.
MakersAll8
commented on May 29, 2024
Closed as resolved by PR above.
from mountebank.
Related Issues (20)
- ProxyOnce Mode to Consider Responses Saved in Data Dir HOT 1
- deleted log file is not recreated, erasing lines from log file stops logging
- mountebank performance is horrible due to calling require inside http server hot paths HOT 6
- mountebank issue when the mock is >35000 line HOT 6
- Getting error trying to create a mock with mountebank HOT 1
- Unable to use different type other than string(s) when injecting responses via CSV lookup
- Add binary body representation for http(s) requests for /imposters/{key} endpoint
- Stable release with ARM support
- Master commits break projects using the latest version HOT 3
- Creating & deleting imposters in a load balanced setup HOT 1
- EACCES: permission denied, open 'mb.pid' with version `2.8.1` HOT 2
- Expect field in the header HOT 1
- Mountebank doesn't show imposters metrics
- QUESTION: How to copy (behavior) integer value from path to body field? HOT 1
- How to close tcp connection by Imposter HOT 1
- [Feature Request] Allow mountebank to send back statusMesage
- Mongodb as log transport
- bug in src/util/helpers.js merge function for case with an Array field
- Mountebank beautifies JSON responses from proxies before replying to the caller.
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from mountebank.