diff --git a/.github/workflows/pull-request.yml b/.github/workflows/pull-request.yml index 1660f95..6aef386 100644 --- a/.github/workflows/pull-request.yml +++ b/.github/workflows/pull-request.yml @@ -16,5 +16,9 @@ jobs: with: dotnet-version: 6.0.x + - name: Add hosts to /etc/hosts + run: | + echo "127.0.0.1 localhost.vault.azure.net" | sudo tee -a /etc/hosts + - name: Verify run: make verify diff --git a/.github/workflows/verify.yml b/.github/workflows/verify.yml index 298d87a..4f1c669 100644 --- a/.github/workflows/verify.yml +++ b/.github/workflows/verify.yml @@ -18,6 +18,10 @@ jobs: with: dotnet-version: 6.0.x + - name: Add hosts to /etc/hosts + run: | + echo "127.0.0.1 localhost.vault.azure.net" | sudo tee -a /etc/hosts + - name: Verify run: make verify diff --git a/AzureKeyVaultEmulator.AcceptanceTests/AzureKeyVaultEmulator.AcceptanceTests.csproj b/AzureKeyVaultEmulator.AcceptanceTests/AzureKeyVaultEmulator.AcceptanceTests.csproj index 78303c3..1f04558 100644 --- a/AzureKeyVaultEmulator.AcceptanceTests/AzureKeyVaultEmulator.AcceptanceTests.csproj +++ b/AzureKeyVaultEmulator.AcceptanceTests/AzureKeyVaultEmulator.AcceptanceTests.csproj @@ -7,11 +7,11 @@ - - - - - + + + + + runtime; build; native; contentfiles; analyzers; buildtransitive all diff --git a/AzureKeyVaultEmulator.AcceptanceTests/Secrets/CreateSecretTests.cs b/AzureKeyVaultEmulator.AcceptanceTests/Secrets/CreateSecretTests.cs index b9fa9aa..e92c833 100644 --- a/AzureKeyVaultEmulator.AcceptanceTests/Secrets/CreateSecretTests.cs +++ b/AzureKeyVaultEmulator.AcceptanceTests/Secrets/CreateSecretTests.cs @@ -12,7 +12,12 @@ public class CreateSecretTests public CreateSecretTests() { - _secretClient = new SecretClient(new Uri("https://localhost:5551/"), new LocalTokenCredential()); + _secretClient = new SecretClient(new Uri("https://localhost.vault.azure.net:5551/"), + new LocalTokenCredential(), + new SecretClientOptions + { + DisableChallengeResourceVerification = true + }); } [Fact] @@ -42,8 +47,10 @@ public async Task ShouldBeAbleToCreateASecret() Assert.NotNull(createdSecret.Id); Assert.Equal(secret.Value, createdSecret.Value); Assert.Equal(secret.Properties.Enabled, createdSecret.Properties.Enabled); - Assert.Equal(secret.Properties.ExpiresOn.Value.ToUnixTimeSeconds(), createdSecret.Properties.ExpiresOn.GetValueOrDefault().ToUnixTimeSeconds()); - Assert.Equal(secret.Properties.NotBefore.Value.ToUnixTimeSeconds(), createdSecret.Properties.NotBefore.GetValueOrDefault().ToUnixTimeSeconds()); + Assert.Equal(secret.Properties.ExpiresOn.Value.ToUnixTimeSeconds(), + createdSecret.Properties.ExpiresOn.GetValueOrDefault().ToUnixTimeSeconds()); + Assert.Equal(secret.Properties.NotBefore.Value.ToUnixTimeSeconds(), + createdSecret.Properties.NotBefore.GetValueOrDefault().ToUnixTimeSeconds()); Assert.NotNull(createdSecret.Properties.Version); Assert.Equal("local", createdSecret.Properties.Tags["environment"]); Assert.Equal("true", createdSecret.Properties.Tags["testing"]); diff --git a/AzureKeyVaultEmulator.AcceptanceTests/Secrets/GetSecretTests.cs b/AzureKeyVaultEmulator.AcceptanceTests/Secrets/GetSecretTests.cs index 375999b..f4aa84b 100644 --- a/AzureKeyVaultEmulator.AcceptanceTests/Secrets/GetSecretTests.cs +++ b/AzureKeyVaultEmulator.AcceptanceTests/Secrets/GetSecretTests.cs @@ -13,7 +13,7 @@ public class GetSecretTests public GetSecretTests() { - _secretClient = new SecretClient(new Uri("https://localhost:5551/"), new LocalTokenCredential()); + _secretClient = new SecretClient(new Uri("https://localhost.vault.azure.net:5551/"), new LocalTokenCredential()); } [Fact] diff --git a/AzureKeyVaultEmulator/AzureKeyVaultEmulator.csproj b/AzureKeyVaultEmulator/AzureKeyVaultEmulator.csproj index 136b7a8..764983a 100644 --- a/AzureKeyVaultEmulator/AzureKeyVaultEmulator.csproj +++ b/AzureKeyVaultEmulator/AzureKeyVaultEmulator.csproj @@ -5,7 +5,7 @@ - + diff --git a/AzureKeyVaultEmulator/Startup.cs b/AzureKeyVaultEmulator/Startup.cs index f35de80..6162f03 100644 --- a/AzureKeyVaultEmulator/Startup.cs +++ b/AzureKeyVaultEmulator/Startup.cs @@ -83,7 +83,7 @@ public void ConfigureServices(IServiceCollection services) OnChallenge = context => { context.Response.Headers.Remove("WWW-Authenticate"); - context.Response.Headers["WWW-Authenticate"] = "Bearer authorization=\"https://localhost:5001/foo/bar\", scope=\"foobar\", resource=\"https://some.url\""; + context.Response.Headers["WWW-Authenticate"] = $"Bearer authorization=\"https://localhost:5001/foo/bar\", scope=\"foobar\", resource=\"https://vault.azure.net\""; return Task.CompletedTask; } }; diff --git a/README.md b/README.md index 8f2a780..95b5b63 100644 --- a/README.md +++ b/README.md @@ -68,7 +68,7 @@ For the Azure KeyVault Emulator to be accessible from other containers in the sa echo '[req]'; \ echo 'distinguished_name=req'; \ echo '[san]'; \ - echo 'subjectAltName=DNS.1:localhost,DNS.2:') + echo 'subjectAltName=DNS.1:localhost,DNS.2:,DNS.3:localhost.vault.azure.net,DNS.4:.vault.azure.net') ``` 1. Export a `.pks` formatted key using the public/private keypair generated in the previous step: @@ -92,9 +92,9 @@ For the Azure KeyVault Emulator to be accessible from other containers in the sa services: ... - azure-keyvault-emulator: - container_name: azure-keyvault-emulator + azure-keyvault-emulator: image: basis-theory/azure-keyvault-emulator:latest + hostname: .vault.azure.net ports: - 5001:5001 - 5000:5000 @@ -122,9 +122,23 @@ For the Azure KeyVault Emulator to be accessible from other containers in the sa volumes: - :/https environment: - - KeyVault__BaseUrl=https://azure-keyvault-emulator:5001/ + - KeyVault__BaseUrl=https://.vault.azure.net:5001/ ``` +1. (Optional) Azure KeyVault SDKs verify the challenge resource URL as of v4.4.0 (read more [here](https://devblogs.microsoft.com/azure-sdk/guidance-for-applications-using-the-key-vault-libraries/)). +To satisfy the new challenge resource verification requirements, do one of the following: + 1. Use an emulator hostname that ends with `.vault.azure.net` (e.g. `localhost.vault.azure.net`). A new entry may need to be added to `/etc/hosts` to properly resolve DNS (i.e. `127.0.0.1 localhost.vault.azure.net`). + 1. Set `DisableChallengeResourceVerification` to true in your client options to disable verification. +```csharp +var client = new SecretClient( + new Uri("https://localhost.vault.azure.net:5551/"), + new LocalTokenCredential(), + new SecretClientOptions + { + DisableChallengeResourceVerification = true + }); +``` + ## Development The provided scripts will check for all dependencies, start docker, build the solution, and run all tests. diff --git a/azure-keyvault-emulator.crt b/azure-keyvault-emulator.crt new file mode 100644 index 0000000..30ef583 --- /dev/null +++ b/azure-keyvault-emulator.crt @@ -0,0 +1,30 @@ +-----BEGIN CERTIFICATE----- +MIIFPDCCAySgAwIBAgIJAN6yZUBL6I4XMA0GCSqGSIb3DQEBCwUAMCIxIDAeBgNV +BAMMF2F6dXJlLWtleXZhdWx0LWVtdWxhdG9yMB4XDTIyMTAwNDEzMzMyMloXDTMy +MDcwMzEzMzMyMlowIjEgMB4GA1UEAwwXYXp1cmUta2V5dmF1bHQtZW11bGF0b3Iw +ggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC0NIpwcSq9bQiciTprOLGf +6TwqvdPAO1XlB3B6m0kVhD3wdj7+R3qePeuhFhAGUCczlbMqg47L2Vca6u7ieIna +mPBA0G+fTk486T96qK26XUumVwdbrs5fNrWCCQlD9O5kV1pp2N3AQ6pi5FdMfOWD +cSdvjRIZdhm/PVFWX2PD9xbyJIrPClIGeEcz/hzx4xeRSF4fRGrCaR8GAOJLbG1e +si8SZIXer/bek0iSlrBCUDjcqFVRg3nFMrc85abO7ZDTHbDYxFbEAG+Jd1UXb/y4 +PJCOgK3LTRFprW0U9qPnyrrtHL+zsMCWX4nESeoqkwBsW3XBH/reer3HZOGEk7KJ +OHxZWQGxl+dP+s3kGCjxBCtWbraceFlqbYVwqUG3zZc/M/0g6oNxRuCJS66oUq/5 +XnPZUoTvYDoblKFdlKt6ycNjENu2fDzOgsf6c+qNq+ZlT1CAcwR4NGW6lZ3V29+C +cz/ECztfEwpbZdQFl5aCzMmZD5l3/K8HKFltyxQmtwS7K1cHVzxwMvSCVnV87op6 +EMpUHZ8895KDmZccb25O+B6pW2VEERCUIxC+O6Vb6M0ppUsfJnOd3Qut77NHYKkg +FHCjetzPRX4zHuntpSKPZ4Ax5wexfm7tIbOqCI1VImEzVYdlO4chPA3ceREz4A4o +eGs3zoJcJe7gVHOWisinYQIDAQABo3UwczBxBgNVHREEajBogglsb2NhbGhvc3SC +F2F6dXJlLWtleXZhdWx0LWVtdWxhdG9yghlsb2NhbGhvc3QudmF1bHQuYXp1cmUu +bmV0gidhenVyZS1rZXl2YXVsdC1lbXVsYXRvci52YXVsdC5henVyZS5uZXQwDQYJ +KoZIhvcNAQELBQADggIBAC4tiVEKxmFUPRTsdejW8hETf2RLs2XZYLx7Nz0fPiJD +xUi2Y39R3yHOrcxxOGMgEIg1HiuVALqWVfwTWhlFkChNDNIjknpMNvK1SONWpYcx +6RXg41M9N5myAdxrD5lrjsJ5/FlxYMPp5ONJ2g8Iu4iPpuHu6kpBnMLAXDsnsPzh +fHgswJesE3AJlfEJi4Zftv0BPs3cpfrPYaAHCz9kHBsipKbKYc112wwArcqUh9T6 +BBu8yDjCmKxcrmo8JhSUu4qjBD+YjLyP5TjBIVF84cDHbw4OTFh0QWk5nntQg3sB +2vO5KJpcIIjQYMBrHalipj/tKZAVk3KT64QSBECCf+rxH8zDphED/fOmo55K3v0S +Jrewsdxmuo7KBWzklZ9gzbIdow7/fen90QUl1v33C9cXIS5DfodstOsm10H4k34A +pL05Uz1YYxtAT0ezPmwRKTC9bJ5C4INR+m++4YOtZwwXIXKM35mb6PTGhx8l4J/N +yIzrK/kCbPMPxoH2qjvDuPPeNedccQS6ONaV5NLKE6CBmYIumqgKwEf/n6v/Ns62 +ka1ym8G5rIFwriE1vOj2GVOlnsh6jsKwfRq8WL+Xom1lCTsXORBS+zc3KT/gy74Q +Dkm/ftCTgP+KQA5Of9P+wLmZSUuqGCUhFuDfna8vwBcRBeVYifqcmeu1nj7ejLzf +-----END CERTIFICATE----- diff --git a/azure-keyvault-emulator.key b/azure-keyvault-emulator.key new file mode 100644 index 0000000..eb43b29 --- /dev/null +++ b/azure-keyvault-emulator.key @@ -0,0 +1,52 @@ +-----BEGIN PRIVATE KEY----- +MIIJRAIBADANBgkqhkiG9w0BAQEFAASCCS4wggkqAgEAAoICAQC0NIpwcSq9bQic +iTprOLGf6TwqvdPAO1XlB3B6m0kVhD3wdj7+R3qePeuhFhAGUCczlbMqg47L2Vca +6u7ieInamPBA0G+fTk486T96qK26XUumVwdbrs5fNrWCCQlD9O5kV1pp2N3AQ6pi +5FdMfOWDcSdvjRIZdhm/PVFWX2PD9xbyJIrPClIGeEcz/hzx4xeRSF4fRGrCaR8G +AOJLbG1esi8SZIXer/bek0iSlrBCUDjcqFVRg3nFMrc85abO7ZDTHbDYxFbEAG+J +d1UXb/y4PJCOgK3LTRFprW0U9qPnyrrtHL+zsMCWX4nESeoqkwBsW3XBH/reer3H +ZOGEk7KJOHxZWQGxl+dP+s3kGCjxBCtWbraceFlqbYVwqUG3zZc/M/0g6oNxRuCJ +S66oUq/5XnPZUoTvYDoblKFdlKt6ycNjENu2fDzOgsf6c+qNq+ZlT1CAcwR4NGW6 +lZ3V29+Ccz/ECztfEwpbZdQFl5aCzMmZD5l3/K8HKFltyxQmtwS7K1cHVzxwMvSC +VnV87op6EMpUHZ8895KDmZccb25O+B6pW2VEERCUIxC+O6Vb6M0ppUsfJnOd3Qut +77NHYKkgFHCjetzPRX4zHuntpSKPZ4Ax5wexfm7tIbOqCI1VImEzVYdlO4chPA3c +eREz4A4oeGs3zoJcJe7gVHOWisinYQIDAQABAoICAQCFVksJH/Mr7j1s9e0P4Qcs +93rZdVP07PKFYJfNYJEXJp5eCmBZ7bHA3Lg4nQaGZVBcTuwfDPDfzJUzCZpwYBhA +cuFyU8gD7ADf+QZLT/wb5WRQVBzRreptcSGkceM1MUojXK89moWZ+XddbO9bXR7F +vzgaxhsaU9SBOHGyoypCmdWUnY1H3K8Msnqc8e2g3RNXIGDkac9Ewlt+KbFHdZcH +dnh194NGXpUf44LTVERfDNTGEJfwlIPJcdk7agGfIxEB5PoxqjU5GcltwapoiShJ +eibMClKOFxxHQVdxJ33nyI2/XIJMBwC5Qz/AyaBGmDa79oCOwYbyj4dUvkRPwKlc +uV8aG9GZVIM6S+fTs0y4qKp8agLaNiGot3LinGzN/8eOwzKFeHBVTeSqjmrXETvF +C37M4KdoKGqYcWMzJ5636jgOdNs9ahkiov6XF4MKZekrVgP3JRjBqv+gHBvdIfGy +XnvGKDNvcW3pbRJxILz+gvFpVqqQH5gEyOmdHiCUfA3aDAPfKoLVIM7taGFeGNPd +pW5nHVbDPx6aIR4TTMiokBMHGcXzlgNog4T+e5iF/4r1OkFr5SaUz07NVjn+YU89 +ktqI5dC0XhUoJ+KFDvOw0XibRU3YJTZXuOl5Y0/YJm3yIxQqk0J/odrzPYa6pyRf +mAeQ46h859+TJtI+9dNGQQKCAQEA2EI1aP/bTDBtXR5O5vRS6MdcNlx/i0Cg42Jr +13P4dttbF0p2o685gel+ukXO/Qj7bjLxihM+aQbavOhvyl/r0FmwZgWG9GiSOTLj +kbxc12mYIuv2M0zIfInB60TRfycbiHrL5VkMdFWrZiYGO/DLGAnrZ8FeZv8Ccaio +wYDV4figkPN7VHslxSrNGQpb+Nyuzjfga2EVI5ueXzeXFH45iWaFCQTcmDRMc2Ui +CrjbwPJY9Gn/JpY2+NmFqUkbNuc2KI+HnvFI1u2yuAlSF5E/HPbmCvbIzhbUTU/A +ibqBU/vbxL68oNYjnexJJ5tQ6hY/c+2XuZCp64DDFwhaYYMwTQKCAQEA1VI3ZFIN +19fVdveoI3+amCHrCNJfWsy69o2QUkLDr5CA6Vsh0ymKvztfhqzAxncAmmSiGaMU +Uk4Wm+Zu0hPP95Nr24tbRxei/9CLJFl4Y9+ZzOJ/AlTNc7q3itdqiYlaGSF6oR0i +mHgb9CEi4YRmLJD8x7stG0BJdx2zcsq72Wf47tM9Cso/BxM5quUWOIDi7Nu+6nz/ +D/1vYExH/t5RO01GD/VbA2nly0Mc+tlGnKBGbqn6OplU9AO3x6y6z7TekhGSyZps +vTIY5wrxJzBjartnHIevC3NKZRkVNAViT+UIagBFkbCdzvtj7e0cjsvjYJCVW8i0 +kf/TbHsl0bV9ZQKCAQEAl2UCbxdvNs9QQLhPFHBG+p9WdtgakioUeBsW1CZj8xFt +m8iNddndsIz+IvlsBsia/HK9laQTNQOPbmBqooq0U4/2ZfXInKH4fAKcPhJYDJXn +48q8+Pzv/f+SulnbL+D47XrJ8y18ApVXAJPuGVhhVdrb6i79H6220Er6mTzQfvnH +rrJFzMbJklZ8buNJr9cOqV+ExKeaXOs82/vW0IntTbtvtvioVgWG3+IVCtyPO2xt +ye3KqgDPSzc8015SpwUGbS7OCv9vtseBLkWYKteMD4LpWRObUGu7BMSoTcM7dsgC ++qFs/Evtc0lPjWK2KqqYkVfruAUGb9Acw6sdWta0oQKCAQEAyNadPCBc1Chq25UT +gkhzPmRAqo+WIyC5rcNea3RcVIDSPeIFGI/2B1FZAKzI2pHTyYiRbV2ylkLa2nC7 +SaJJnKf5Vjv/9hD077BiMBjkVfOBE/ry5Tj+LcVPZLKnpVHht+NjVyjdF3uNpe1E +r9o9cBwZQdqh/xQplrIp7xucfHV9Uy0iPXRonrqlApaosw31mFbTimWgpmdPYvSu +m/CnvhNksUWpKK+dIB/RuwKxjmj/ptT1uBIAf7S4ZI/lWgTJv/A3qQNw+TefZndQ +0DqofyZtT9kXHsqu8jwJUG75Pos9vr7+wMnt6Z+ZV7pztqWTL6kwVbfC+epIHcxb +sPMUWQKCAQBsrXQxsIJuLoxW+VbxJbwEnoqFeHSLpPGAH8Q1iAi8woLJIPHv5oYu +EQAr5yPBfGIfR+wVoU2WP0DSKoctS80VEFhKNfkhEyRMQZITynhu/Yc2U27I2mb7 +3OcuZKdD4x3WlGZi8AZvQZwvRebmUs6F/2/Itoat8UTDtQx43Iar65/dvjkY28vh +nnWrkyJP0hIGIT4t4ZM2vG8+OQbJCSq5aXv8zwCW/CoiBk0C+5nLCpkPAs/eIATf +IHYu8t5CrjtBLzfzbannWbRPeskRQp3X4GvRKDOIVcmn2X9nvbA+dS2E+cYxRpmp +V20NPv6LYUshyYwOo3z25EX57WbuMnuK +-----END PRIVATE KEY----- diff --git a/azure-keyvault-emulator.pfx b/azure-keyvault-emulator.pfx new file mode 100644 index 0000000..1776344 Binary files /dev/null and b/azure-keyvault-emulator.pfx differ diff --git a/docker-compose.yml b/docker-compose.yml index 8322ef0..728d1dc 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -1,11 +1,11 @@ version: '3.9' services: - key-vault-emulator: - container_name: key-vault-emulator + keyvault-emulator: image: azure-keyvault-emulator:latest build: context: . + hostname: azure-keyvault-emulator.vault.azure.net ports: - 5551:5551 - 5550:5550 @@ -14,5 +14,5 @@ services: environment: - ASPNETCORE_ENVIRONMENT=Development - ASPNETCORE_URLS=https://+:5551 - - ASPNETCORE_Kestrel__Certificates__Default__KeyPath=/https/azure-key-vault-emulator.key - - ASPNETCORE_Kestrel__Certificates__Default__Path=/https/azure-key-vault-emulator.crt + - ASPNETCORE_Kestrel__Certificates__Default__KeyPath=/https/azure-keyvault-emulator.key + - ASPNETCORE_Kestrel__Certificates__Default__Path=/https/azure-keyvault-emulator.crt diff --git a/local-certs/azure-key-vault-emulator.crt b/local-certs/azure-key-vault-emulator.crt deleted file mode 100644 index 2fa0699..0000000 --- a/local-certs/azure-key-vault-emulator.crt +++ /dev/null @@ -1,29 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIE+zCCAuOgAwIBAgIJAM1nSbDi3a14MA0GCSqGSIb3DQEBCwUAMCMxITAfBgNV -BAMMGGF6dXJlLWtleS12YXVsdC1lbXVsYXRvcjAeFw0yMTAzMTcxNTQzNDJaFw0z -MDEyMTUxNTQzNDJaMCMxITAfBgNVBAMMGGF6dXJlLWtleS12YXVsdC1lbXVsYXRv -cjCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAOFqzu28p+wxw/zqjU06 -iaK67Idsy1fVHmVLIvWJZse+QbNkX6Z2xeZrqQ3yXHQ6kZ0dhjQL0gAVnX+PkLqe -WfoI5jOp4feCgnykHou5aMqeAmFZxs7iGLUbtzysYK/48Hdo7ADz3PjVMP6qd7i+ -S328WZh+9Og3OVhLQhxc5hspUs+avGRGkl6bGNsTi5NFnCwwo0uzO/tj/HslOZOc -H5tk4zZTOspvupfkITIKcuU1k6J5F0iyb0RIxBkUlJ7gGTf7uQrjO+RYpEHC3ErB -zvtO/SPbaNcb57VHyaoZ+71JuqaSM+r8b7/oaxPMDnuacas2QcAPxAFlfDxfAqns -zOieKY+DrQe0EHcrCfg4dq0F+qIwOvBk43eAsY0X9b5IMm2jY2VwqRQgb42xJ4/N -FSeiS86brNlV2Vkz/hQj41QgTWzq3SK1WoDRqI/FD2ADLVv7ueP7DCfUSxr0GZbU -t9/lUr/vgYZxC51KAj6FVJZLIom8KAU5RiDGAKZCGwOH41+sDmdAGLWba+6p4Ddc -wfuB0HlXjF0CO2X8k77Zd57c5ECo3NhruXIyV+5gGYFNATgRYwrnZWw6Ejvw/wjo -YA44hCCjB/OzmFSZ+FEau1iDLfDLVe8KLhA4/gnTdDOL3yl9vjOY1B1nn+ax8MXn -20O0FtubOiK1eUjabTt63fhbAgMBAAGjMjAwMC4GA1UdEQQnMCWCCWxvY2FsaG9z -dIIYYXp1cmUta2V5LXZhdWx0LWVtdWxhdG9yMA0GCSqGSIb3DQEBCwUAA4ICAQBH -F0EQ4iQVjkFvdSKzlt2jvVrThjb+kQrPWDn/LL10oosInLcIGKefA+QPx7X9dXcu -RtameCyT/RT0dLT3mQ/xpemo4B42w9JL4Tc9Z1SG10SieMT8vrtVcXgZjfRCzR4F -xjb3Eh7ZnN2Obl2p/IrQnmOAK+oYA9S5JNCAySky79bOWPnZ9fUZ7UnxPsvuA4mB -nSC1ezPgIAV7JbulnLo38FpHANRv1jyCT0CqbIqvBv3G3DVcyuykXohSABiszIKj -OA+sPK4PcabOQv7tk+Kxm74r7PwPqQYmsmAKgA1tkbUPY4DyVks96F/lekdF/5WK -QYYklFcbCmBASdVEyIt4oFz06JQgCqBtoTqiOilUlM6zznV1GNz863omw3EWBJum -OGoFZb8SNnQf2hOI8iMqRTQNiRX+WWvfyjwzZfL0va3tpy/5zb3P6vwEPi8aX3Tb -ZEMViKY5I+ppiDsev3iDCXtUX13YprHd9Mn/udaRYFiKpnmXFYb7jcKG0WcIkCnd -/9nYXrQdTUzqZi+Go2wrF4lxio6g+7seIRpqqK+YwD3cCPg7OGXkbFHDMD1QcORY -Rc6tCQyhpcEtLHilRemPeccZA18VnlfsuPxXIu6vmXkv4MbyoM775B+E+uzdkrDN -Pr+1fHFUTGlC+Tt4KMlorj+f3Fe/DMvgGKrVojBvNw== ------END CERTIFICATE----- diff --git a/local-certs/azure-key-vault-emulator.key b/local-certs/azure-key-vault-emulator.key deleted file mode 100644 index bd5bf35..0000000 --- a/local-certs/azure-key-vault-emulator.key +++ /dev/null @@ -1,52 +0,0 @@ ------BEGIN PRIVATE KEY----- -MIIJQwIBADANBgkqhkiG9w0BAQEFAASCCS0wggkpAgEAAoICAQDhas7tvKfsMcP8 -6o1NOomiuuyHbMtX1R5lSyL1iWbHvkGzZF+mdsXma6kN8lx0OpGdHYY0C9IAFZ1/ -j5C6nln6COYzqeH3goJ8pB6LuWjKngJhWcbO4hi1G7c8rGCv+PB3aOwA89z41TD+ -qne4vkt9vFmYfvToNzlYS0IcXOYbKVLPmrxkRpJemxjbE4uTRZwsMKNLszv7Y/x7 -JTmTnB+bZOM2UzrKb7qX5CEyCnLlNZOieRdIsm9ESMQZFJSe4Bk3+7kK4zvkWKRB -wtxKwc77Tv0j22jXG+e1R8mqGfu9SbqmkjPq/G+/6GsTzA57mnGrNkHAD8QBZXw8 -XwKp7MzonimPg60HtBB3Kwn4OHatBfqiMDrwZON3gLGNF/W+SDJto2NlcKkUIG+N -sSePzRUnokvOm6zZVdlZM/4UI+NUIE1s6t0itVqA0aiPxQ9gAy1b+7nj+wwn1Esa -9BmW1Lff5VK/74GGcQudSgI+hVSWSyKJvCgFOUYgxgCmQhsDh+NfrA5nQBi1m2vu -qeA3XMH7gdB5V4xdAjtl/JO+2Xee3ORAqNzYa7lyMlfuYBmBTQE4EWMK52VsOhI7 -8P8I6GAOOIQgowfzs5hUmfhRGrtYgy3wy1XvCi4QOP4J03Qzi98pfb4zmNQdZ5/m -sfDF59tDtBbbmzoitXlI2m07et34WwIDAQABAoICAFRfOAi//lJn5iW6XR009eNU -98dQr2O2v2PGldU1kqTcz5an0S1rc3NlhKdVuck/StV2AY9lhTrG3Gasg812C9OM -lS1tPsj3roOcolpGEbUVI2rwwXsaIYlYUGODWcVD9i2btgo9PM5ebbJEd/9MKtFr -OFXd3ykz0mD7+kjHdNFhzD8seatGxu5mOw106V88RNI9ekGRWrgjmpM1QbHAVAxD -3M+uo2i2HS9REiO6yXqFbTb5AAAT2ZXDbrK8g0xcMNRFgeNTXk1/6Cs9Fltc424p -CJLtQvaQ2U9/CTqD8zfMavKB8rDXv7Qi+EE2tY0KJ9Wfv0h2HjUvmSq3nTWhDqim -ze47Y8HqC161QnX965oQwHi2TiMTA1YcpQ5MXLG7oMJKQDPw+Y+JO73i2icEOBZB -3LtObUxyPxr7jbzI9aYN3GKEQIyF0fBbhoGz/4QeSkxZluALyEdhCZZclCm7EteA -BTXF767l92ChgIL6Wr/v187P15vEXRRg4Dhvu2j/4HwyY02LwOxx1UIoHnQlRD9k -rnZrol8FGdwd1BfV4jcgi7GElmZ5Y1oxsqz4xxiwfaUUR3YLIG8UTbyZBlI3w7ac -hMRYZinxOd8n9Y/M48bYGKsb/jIl5IzNMbvL2jM2DSk5f5zHVxyCB608Ev5bB7u2 -wwlka4gjBLYOlhOAohmxAoIBAQD8Y+amCTeHMELRJTRgeTeZZBjpnTP3P2xOc2+x -/aYPeiZ1Q+AitRkSQDV/NHtenOIFfvTn91rpHwSZnVX+Q9y6+tdtGs2DDYFDJRK9 -m8LtFRNb1RoN14CyKl43nXWqEdZLLMR5hwQxXoJBoTDbkyNgvTr0yF3ED9IRE4W8 -eAKdteG69LRbgnmfjsKoRgT6uIsjt28iU9eDg+nOcQF2lLYC/tFLIm6IDBtiiNZG -vLAKsOpOxjwHoCFVw+/7KNu+vCqvVVjMIGzwJkeVCti13vO8t+95yevBbPDKacrm -UqDyxsjwpQxHrtCQPyyz7j1JFdrA834snq3HcfLzBcHklSbVAoIBAQDkpCYLbx4d -arS1uFCKZAab4RkZddWhUQsXk459tihfmZiyfaHjLM+XPZwLiz2xP/61oMbM5UhU -BQUdMtc/ytl69nMA3lCJwFZZh8vRMQeJnoc+MrWRspsOKe1ospUZkaj5jHfJKSZf -QNWPaWBfE7mQAAHTbvqCamBYKb9nOiy7vfL22HPONOzT6tKTE5vap4UFhFABEsGn -nhIWzFTg3yRZtdMMvn5YteFaDwTxpETq1X66R1++SU7u8TefZPjwY05BCIiKzF4s -Sh4y8ZsEPzotDcwrpl+KDo1ZQ0V8C2Uio/VdUAY0ElQn1snbnBu6h87H8gAIosxL -wfx5F5hofppvAoIBAHfR0akXjRYQEliKKiB2y691tuIJcKc7o+ZmpStB+Pk2C1X2 -gEzZ3uosM3mNZ9hV8HOdfxU0+CLeR+fJqw6IFx1pgqZYaCKEYc6Hpir/7H1zWPpq -4/CYU4/Bz3LlvPuddjfALBJpx9LMRFh19uT3KH9/tqKJEQLIY/kZZI9CBjPrKhwA -mjMrcSQPuVf7zdddjyjIp+kLFrBoCrKoMYKjPPmVEbVyxjiuTr3rqpZwc77PmJ0H -PW59VfYKjD6XeiNF35nXkc1uw2kLM0aNnK5TBzGbvQP7mYH9fx8JNHs91Q0M1E5y -fK73Tip843MUcmHlDzI1Jrx2JJgf/6/iFte2+3UCggEBAKu49bIExPOHHy6UvjkS -ozwUNku/CrJcMh6E/rJAS9ZxgBQe86WyFEAdT8QD0lP8Iou7s1RUqJwiIRMrCiup -aOpHi1yNnKO5R6F6soPtdSHRZPY8E87X/EkJCHxoFD/d/LFg5N66/0zvXvaVSIJg -SDB1MOniIlgtGSteP5mCQfLH2WG4dFHdwjnv1jQMuDPjOa9JDuWfdr8zo5Zn5R/3 -uE+AloCt2is6f4SqXyY2IGTX8JRr4ucCHDyuAv6+UZIKo82IYTUOBXTyPfg5Khpo -eoM4J65pCLyh7VurgNaHoHACANkSr3YQhhBd68H7X4AbXB0kDw5tZ09G5R71r8xb -uhUCggEBALFkC6lLJW00cA/GxALTQMIQ9rSbwIpW5BiDGzEAK/W+joqIBwUNtHZA -BTRSRDYyTZfopXoOfo2XFcP29l+gNuajdYSCEi3IjB4LYdOBl80kWae7JhwuH0wl -hGq3xg4X8TyjxGfDitrlSUb15j3BysfyoWtT41eyjblAD+fPF4x92zJrELXJ5Iwy -CO1c/WrsdJLo8kPrgTleD8y6i8j9UGkPB/kZWPv1Ul7JFRnKllz7i4L68UL1do6U -bvIXxt1y2ykya0yP4JtuK0jVPrLsiXRDh7TIGjho0rQfQvAJyZSKDdibbcGsU9Wm -MFwOJ6iEFgHtpkGxozutMa31Q9COmx4= ------END PRIVATE KEY----- diff --git a/local-certs/azure-keyvault-emulator.crt b/local-certs/azure-keyvault-emulator.crt new file mode 100644 index 0000000..30ef583 --- /dev/null +++ b/local-certs/azure-keyvault-emulator.crt @@ -0,0 +1,30 @@ +-----BEGIN CERTIFICATE----- +MIIFPDCCAySgAwIBAgIJAN6yZUBL6I4XMA0GCSqGSIb3DQEBCwUAMCIxIDAeBgNV +BAMMF2F6dXJlLWtleXZhdWx0LWVtdWxhdG9yMB4XDTIyMTAwNDEzMzMyMloXDTMy +MDcwMzEzMzMyMlowIjEgMB4GA1UEAwwXYXp1cmUta2V5dmF1bHQtZW11bGF0b3Iw +ggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC0NIpwcSq9bQiciTprOLGf +6TwqvdPAO1XlB3B6m0kVhD3wdj7+R3qePeuhFhAGUCczlbMqg47L2Vca6u7ieIna +mPBA0G+fTk486T96qK26XUumVwdbrs5fNrWCCQlD9O5kV1pp2N3AQ6pi5FdMfOWD +cSdvjRIZdhm/PVFWX2PD9xbyJIrPClIGeEcz/hzx4xeRSF4fRGrCaR8GAOJLbG1e +si8SZIXer/bek0iSlrBCUDjcqFVRg3nFMrc85abO7ZDTHbDYxFbEAG+Jd1UXb/y4 +PJCOgK3LTRFprW0U9qPnyrrtHL+zsMCWX4nESeoqkwBsW3XBH/reer3HZOGEk7KJ +OHxZWQGxl+dP+s3kGCjxBCtWbraceFlqbYVwqUG3zZc/M/0g6oNxRuCJS66oUq/5 +XnPZUoTvYDoblKFdlKt6ycNjENu2fDzOgsf6c+qNq+ZlT1CAcwR4NGW6lZ3V29+C +cz/ECztfEwpbZdQFl5aCzMmZD5l3/K8HKFltyxQmtwS7K1cHVzxwMvSCVnV87op6 +EMpUHZ8895KDmZccb25O+B6pW2VEERCUIxC+O6Vb6M0ppUsfJnOd3Qut77NHYKkg +FHCjetzPRX4zHuntpSKPZ4Ax5wexfm7tIbOqCI1VImEzVYdlO4chPA3ceREz4A4o +eGs3zoJcJe7gVHOWisinYQIDAQABo3UwczBxBgNVHREEajBogglsb2NhbGhvc3SC +F2F6dXJlLWtleXZhdWx0LWVtdWxhdG9yghlsb2NhbGhvc3QudmF1bHQuYXp1cmUu +bmV0gidhenVyZS1rZXl2YXVsdC1lbXVsYXRvci52YXVsdC5henVyZS5uZXQwDQYJ +KoZIhvcNAQELBQADggIBAC4tiVEKxmFUPRTsdejW8hETf2RLs2XZYLx7Nz0fPiJD +xUi2Y39R3yHOrcxxOGMgEIg1HiuVALqWVfwTWhlFkChNDNIjknpMNvK1SONWpYcx +6RXg41M9N5myAdxrD5lrjsJ5/FlxYMPp5ONJ2g8Iu4iPpuHu6kpBnMLAXDsnsPzh +fHgswJesE3AJlfEJi4Zftv0BPs3cpfrPYaAHCz9kHBsipKbKYc112wwArcqUh9T6 +BBu8yDjCmKxcrmo8JhSUu4qjBD+YjLyP5TjBIVF84cDHbw4OTFh0QWk5nntQg3sB +2vO5KJpcIIjQYMBrHalipj/tKZAVk3KT64QSBECCf+rxH8zDphED/fOmo55K3v0S +Jrewsdxmuo7KBWzklZ9gzbIdow7/fen90QUl1v33C9cXIS5DfodstOsm10H4k34A +pL05Uz1YYxtAT0ezPmwRKTC9bJ5C4INR+m++4YOtZwwXIXKM35mb6PTGhx8l4J/N +yIzrK/kCbPMPxoH2qjvDuPPeNedccQS6ONaV5NLKE6CBmYIumqgKwEf/n6v/Ns62 +ka1ym8G5rIFwriE1vOj2GVOlnsh6jsKwfRq8WL+Xom1lCTsXORBS+zc3KT/gy74Q +Dkm/ftCTgP+KQA5Of9P+wLmZSUuqGCUhFuDfna8vwBcRBeVYifqcmeu1nj7ejLzf +-----END CERTIFICATE----- diff --git a/local-certs/azure-keyvault-emulator.key b/local-certs/azure-keyvault-emulator.key new file mode 100644 index 0000000..eb43b29 --- /dev/null +++ b/local-certs/azure-keyvault-emulator.key @@ -0,0 +1,52 @@ +-----BEGIN PRIVATE KEY----- +MIIJRAIBADANBgkqhkiG9w0BAQEFAASCCS4wggkqAgEAAoICAQC0NIpwcSq9bQic +iTprOLGf6TwqvdPAO1XlB3B6m0kVhD3wdj7+R3qePeuhFhAGUCczlbMqg47L2Vca +6u7ieInamPBA0G+fTk486T96qK26XUumVwdbrs5fNrWCCQlD9O5kV1pp2N3AQ6pi +5FdMfOWDcSdvjRIZdhm/PVFWX2PD9xbyJIrPClIGeEcz/hzx4xeRSF4fRGrCaR8G +AOJLbG1esi8SZIXer/bek0iSlrBCUDjcqFVRg3nFMrc85abO7ZDTHbDYxFbEAG+J +d1UXb/y4PJCOgK3LTRFprW0U9qPnyrrtHL+zsMCWX4nESeoqkwBsW3XBH/reer3H +ZOGEk7KJOHxZWQGxl+dP+s3kGCjxBCtWbraceFlqbYVwqUG3zZc/M/0g6oNxRuCJ +S66oUq/5XnPZUoTvYDoblKFdlKt6ycNjENu2fDzOgsf6c+qNq+ZlT1CAcwR4NGW6 +lZ3V29+Ccz/ECztfEwpbZdQFl5aCzMmZD5l3/K8HKFltyxQmtwS7K1cHVzxwMvSC +VnV87op6EMpUHZ8895KDmZccb25O+B6pW2VEERCUIxC+O6Vb6M0ppUsfJnOd3Qut +77NHYKkgFHCjetzPRX4zHuntpSKPZ4Ax5wexfm7tIbOqCI1VImEzVYdlO4chPA3c +eREz4A4oeGs3zoJcJe7gVHOWisinYQIDAQABAoICAQCFVksJH/Mr7j1s9e0P4Qcs +93rZdVP07PKFYJfNYJEXJp5eCmBZ7bHA3Lg4nQaGZVBcTuwfDPDfzJUzCZpwYBhA +cuFyU8gD7ADf+QZLT/wb5WRQVBzRreptcSGkceM1MUojXK89moWZ+XddbO9bXR7F +vzgaxhsaU9SBOHGyoypCmdWUnY1H3K8Msnqc8e2g3RNXIGDkac9Ewlt+KbFHdZcH +dnh194NGXpUf44LTVERfDNTGEJfwlIPJcdk7agGfIxEB5PoxqjU5GcltwapoiShJ +eibMClKOFxxHQVdxJ33nyI2/XIJMBwC5Qz/AyaBGmDa79oCOwYbyj4dUvkRPwKlc +uV8aG9GZVIM6S+fTs0y4qKp8agLaNiGot3LinGzN/8eOwzKFeHBVTeSqjmrXETvF +C37M4KdoKGqYcWMzJ5636jgOdNs9ahkiov6XF4MKZekrVgP3JRjBqv+gHBvdIfGy +XnvGKDNvcW3pbRJxILz+gvFpVqqQH5gEyOmdHiCUfA3aDAPfKoLVIM7taGFeGNPd +pW5nHVbDPx6aIR4TTMiokBMHGcXzlgNog4T+e5iF/4r1OkFr5SaUz07NVjn+YU89 +ktqI5dC0XhUoJ+KFDvOw0XibRU3YJTZXuOl5Y0/YJm3yIxQqk0J/odrzPYa6pyRf +mAeQ46h859+TJtI+9dNGQQKCAQEA2EI1aP/bTDBtXR5O5vRS6MdcNlx/i0Cg42Jr +13P4dttbF0p2o685gel+ukXO/Qj7bjLxihM+aQbavOhvyl/r0FmwZgWG9GiSOTLj +kbxc12mYIuv2M0zIfInB60TRfycbiHrL5VkMdFWrZiYGO/DLGAnrZ8FeZv8Ccaio +wYDV4figkPN7VHslxSrNGQpb+Nyuzjfga2EVI5ueXzeXFH45iWaFCQTcmDRMc2Ui +CrjbwPJY9Gn/JpY2+NmFqUkbNuc2KI+HnvFI1u2yuAlSF5E/HPbmCvbIzhbUTU/A +ibqBU/vbxL68oNYjnexJJ5tQ6hY/c+2XuZCp64DDFwhaYYMwTQKCAQEA1VI3ZFIN +19fVdveoI3+amCHrCNJfWsy69o2QUkLDr5CA6Vsh0ymKvztfhqzAxncAmmSiGaMU +Uk4Wm+Zu0hPP95Nr24tbRxei/9CLJFl4Y9+ZzOJ/AlTNc7q3itdqiYlaGSF6oR0i +mHgb9CEi4YRmLJD8x7stG0BJdx2zcsq72Wf47tM9Cso/BxM5quUWOIDi7Nu+6nz/ +D/1vYExH/t5RO01GD/VbA2nly0Mc+tlGnKBGbqn6OplU9AO3x6y6z7TekhGSyZps +vTIY5wrxJzBjartnHIevC3NKZRkVNAViT+UIagBFkbCdzvtj7e0cjsvjYJCVW8i0 +kf/TbHsl0bV9ZQKCAQEAl2UCbxdvNs9QQLhPFHBG+p9WdtgakioUeBsW1CZj8xFt +m8iNddndsIz+IvlsBsia/HK9laQTNQOPbmBqooq0U4/2ZfXInKH4fAKcPhJYDJXn +48q8+Pzv/f+SulnbL+D47XrJ8y18ApVXAJPuGVhhVdrb6i79H6220Er6mTzQfvnH +rrJFzMbJklZ8buNJr9cOqV+ExKeaXOs82/vW0IntTbtvtvioVgWG3+IVCtyPO2xt +ye3KqgDPSzc8015SpwUGbS7OCv9vtseBLkWYKteMD4LpWRObUGu7BMSoTcM7dsgC ++qFs/Evtc0lPjWK2KqqYkVfruAUGb9Acw6sdWta0oQKCAQEAyNadPCBc1Chq25UT +gkhzPmRAqo+WIyC5rcNea3RcVIDSPeIFGI/2B1FZAKzI2pHTyYiRbV2ylkLa2nC7 +SaJJnKf5Vjv/9hD077BiMBjkVfOBE/ry5Tj+LcVPZLKnpVHht+NjVyjdF3uNpe1E +r9o9cBwZQdqh/xQplrIp7xucfHV9Uy0iPXRonrqlApaosw31mFbTimWgpmdPYvSu +m/CnvhNksUWpKK+dIB/RuwKxjmj/ptT1uBIAf7S4ZI/lWgTJv/A3qQNw+TefZndQ +0DqofyZtT9kXHsqu8jwJUG75Pos9vr7+wMnt6Z+ZV7pztqWTL6kwVbfC+epIHcxb +sPMUWQKCAQBsrXQxsIJuLoxW+VbxJbwEnoqFeHSLpPGAH8Q1iAi8woLJIPHv5oYu +EQAr5yPBfGIfR+wVoU2WP0DSKoctS80VEFhKNfkhEyRMQZITynhu/Yc2U27I2mb7 +3OcuZKdD4x3WlGZi8AZvQZwvRebmUs6F/2/Itoat8UTDtQx43Iar65/dvjkY28vh +nnWrkyJP0hIGIT4t4ZM2vG8+OQbJCSq5aXv8zwCW/CoiBk0C+5nLCpkPAs/eIATf +IHYu8t5CrjtBLzfzbannWbRPeskRQp3X4GvRKDOIVcmn2X9nvbA+dS2E+cYxRpmp +V20NPv6LYUshyYwOo3z25EX57WbuMnuK +-----END PRIVATE KEY----- diff --git a/local-certs/azure-keyvault-emulator.pfx b/local-certs/azure-keyvault-emulator.pfx new file mode 100644 index 0000000..1776344 Binary files /dev/null and b/local-certs/azure-keyvault-emulator.pfx differ diff --git a/scripts/importcert.sh b/scripts/importcert.sh index d9571e1..8eb5a19 100755 --- a/scripts/importcert.sh +++ b/scripts/importcert.sh @@ -6,13 +6,13 @@ current_directory="$PWD" cd $(dirname $0)/.. if [ "$(uname)" == "Darwin" ]; then - if ! security find-certificate -c azure-key-vault-emulator > /dev/null; then - sudo security add-trusted-cert -d -r trustRoot -k /Library/Keychains/System.keychain local-certs/azure-key-vault-emulator.crt + if ! security find-certificate -c azure-keyvault-emulator > /dev/null; then + sudo security add-trusted-cert -d -r trustRoot -k /Library/Keychains/System.keychain local-certs/azure-keyvault-emulator.crt else - echo "azure-key-vault-emulator certificate already installed" + echo "azure-keyvault-emulator certificate already installed" fi elif [ "$(expr substr $(uname -s) 1 5)" == "Linux" ]; then - sudo cp local-certs/azure-key-vault-emulator.crt /usr/local/share/ca-certificates/azure-key-vault-emulator.crt + sudo cp local-certs/azure-keyvault-emulator.crt /usr/local/share/ca-certificates/azure-keyvault-emulator.crt sudo update-ca-certificates fi diff --git a/scripts/stopservice.sh b/scripts/stopservice.sh index ea8b76e..4fc7572 100755 --- a/scripts/stopservice.sh +++ b/scripts/stopservice.sh @@ -5,7 +5,7 @@ current_directory="$PWD" cd $(dirname $0)/.. -docker stop azure-key-vault-emulator +docker stop keyvault-emulator result=$?