michaeljmarshall opened a new pull request, #19594: URL: https://github.com/apache/pulsar/pull/19594
Fixes #19175 #19587 ### Motivation In #15824, we added the subject alternative name to the certs for some tests. This is problematic for some tests that were expecting hostname verification to fail due to missing SANs. This PR adds a new cert without the SANs to ensure correct coverage. One nuance is that I updated my `/etc/ssl/openssl.cnf` file to include the following config: ```cnf [ v3_ca ] basicConstraints = critical,CA:TRUE subjectKeyIdentifier = hash authorityKeyIdentifier = keyid:always,issuer:always ``` I also had trouble with the `-text` output (not sure why), so I updated how the certs are written to files. That is likely dependent on the version of openssl. ### Modifications * Update the certificates for `ProxyWithAuthorizationTest` to ensure correct test coverage ### Verifying this change This is a test fix. ### Documentation - [x] `doc` This change includes updates to relevant comments for internal testing documentation. ### Matching PR in forked repository PR in forked repository: skipping because tests pass locally -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
