[GitHub] [trafficcontrol] zrhoffman commented on a change in pull request #4630: Updating the testing documentation for TO to add more info about buil…

Tue, 14 Apr 2020 12:10:15 -0700 

zrhoffman commented on a change in pull request #4630: Updating the testing 
documentation for TO to add more info about buil…
URL: https://github.com/apache/trafficcontrol/pull/4630#discussion_r408367367
 
 

 ##########
 File path: traffic_ops/testing/api/README.md
 ##########
 @@ -60,7 +84,49 @@ In order to run the tests you will need the following:
        change `traffic_ops_golang->port` to 8443
 
     `$ go build && ./traffic_ops_golang -cfg $HOME/cdn.conf -dbcfg 
../app/conf/test/database.conf`
-
+    
+    In your local development environment, if the above command fails for an 
error similar to 
+    `ERROR: traffic_ops_golang.go:193: 2020-04-10T10:55:53.190298-06:00: 
cannot open /etc/pki/tls/certs/localhost.crt for read: open 
/etc/pki/tls/certs/localhost.crt: no such file or directory`
+    you might not have the right certificates at the right locations. Follow 
the following procedure
+    to fix it:
+    ```bash
+         $ openssl genrsa -des3 -passout pass:x -out localhost.pass.key 2048
 
 Review comment:
   Running this command, I get
   ```shell
   [user@computer c]$ openssl genrsa -des3 -passout pass:x -out 
localhost.pass.key 2048
   Generating RSA private key, 2048 bit long modulus (2 primes)
   ...................................................+++++
   ....+++++
   e is 65537 (0x010001)
   140415293105472:error:28078065:UI routines:UI_set_result_ex:result too 
small:crypto/ui/ui_lib.c:905:You must type in 4 to 1023 characters
   140415293105472:error:28078065:UI routines:UI_set_result_ex:result too 
small:crypto/ui/ui_lib.c:905:You must type in 4 to 1023 characters
   140415293105472:error:0906906F:PEM routines:PEM_ASN1_write_bio:read 
key:crypto/pem/pem_lib.c:357:
   ```
   A file named `localhost.pass.key` is generated, but it is empty. Instead of 
separtely generating a private key and CSR and then signing it, you can 
generate a private key and cert with
   
   ```shell
   openssl req -new -x509 -newkey rsa:4096 -nodes -out cert.crt -keyout 
cert.key -subj "/CN=*"
   ```
   
   Should the cert section use that command instead?

----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
[email protected]


With regards,
Apache Git Services

Reply via email to