use valid cert/key in test

1 files changed, 21 insertions, 6 deletions

diff --git a/configserver/src/test/java/com/yahoo/vespa/config/server/tenant/EndpointCertificateMetadataStoreTest.java b/configserver/src/test/java/com/yahoo/vespa/config/server/tenant/EndpointCertificateMetadataStoreTest.java
index 5193e23fce0..d71eab25ce3 100644
--- a/configserver/src/test/java/com/yahoo/vespa/config/server/tenant/EndpointCertificateMetadataStoreTest.java
+++ b/configserver/src/test/java/com/yahoo/vespa/config/server/tenant/EndpointCertificateMetadataStoreTest.java
@@ -7,11 +7,23 @@ import com.yahoo.config.provision.ApplicationName;
 import com.yahoo.config.provision.InstanceName;
 import com.yahoo.config.provision.TenantName;
 import com.yahoo.path.Path;
+import com.yahoo.security.KeyAlgorithm;
+import com.yahoo.security.KeyUtils;
+import com.yahoo.security.SignatureAlgorithm;
+import com.yahoo.security.X509CertificateBuilder;
+import com.yahoo.security.X509CertificateUtils;
 import com.yahoo.vespa.config.server.MockSecretStore;
 import com.yahoo.vespa.curator.mock.MockCurator;
 import org.junit.Before;
 import org.junit.Test;
 
+import javax.security.auth.x500.X500Principal;
+import java.math.BigInteger;
+import java.security.KeyPair;
+import java.security.cert.X509Certificate;
+import java.time.Instant;
+import java.time.temporal.ChronoUnit;
+
 import static org.junit.Assert.assertEquals;
 import static org.junit.Assert.assertTrue;
 
@@ -26,6 +38,9 @@ public class EndpointCertificateMetadataStoreTest {
     private MockSecretStore secretStore = new MockSecretStore();
     private EndpointCertificateMetadataStore endpointCertificateMetadataStore;
     private EndpointCertificateRetriever endpointCertificateRetriever;
+    private KeyPair keyPair = KeyUtils.generateKeypair(KeyAlgorithm.EC, 256);
+    private X509Certificate certificate = X509CertificateBuilder.fromKeypair(keyPair, new X500Principal("CN=subject"),
+            Instant.now(), Instant.now().plus(1, ChronoUnit.DAYS), SignatureAlgorithm.SHA512_WITH_ECDSA, BigInteger.valueOf(12345)).build();
 
     @Before
     public void setUp() {
@@ -33,8 +48,8 @@ public class EndpointCertificateMetadataStoreTest {
         endpointCertificateMetadataStore = new EndpointCertificateMetadataStore(curator, tenantPath);
         endpointCertificateRetriever = new EndpointCertificateRetriever(secretStore);
 
-        secretStore.put("vespa.tlskeys.tenant1--app1-cert", "CERT");
-        secretStore.put("vespa.tlskeys.tenant1--app1-key", "KEY");
+        secretStore.put("vespa.tlskeys.tenant1--app1-cert", X509CertificateUtils.toPem(certificate));
+        secretStore.put("vespa.tlskeys.tenant1--app1-key", KeyUtils.toPem(keyPair.getPrivate()));
     }
 
     @Test
@@ -45,8 +60,8 @@ public class EndpointCertificateMetadataStoreTest {
         var endpointCertificateSecrets = endpointCertificateMetadataStore.readEndpointCertificateMetadata(applicationId)
                 .flatMap(endpointCertificateRetriever::readEndpointCertificateSecrets);
         assertTrue(endpointCertificateSecrets.isPresent());
-        assertEquals("KEY", endpointCertificateSecrets.get().key());
-        assertEquals("CERT", endpointCertificateSecrets.get().certificate());
+        assertTrue(endpointCertificateSecrets.get().key().startsWith("-----BEGIN EC PRIVATE KEY"));
+        assertTrue(endpointCertificateSecrets.get().certificate().startsWith("-----BEGIN CERTIFICATE"));
     }
 
     @Test
@@ -59,8 +74,8 @@ public class EndpointCertificateMetadataStoreTest {
         var secrets = endpointCertificateMetadataStore.readEndpointCertificateMetadata(applicationId)
                 .flatMap(endpointCertificateRetriever::readEndpointCertificateSecrets);
         assertTrue(secrets.isPresent());
-        assertEquals("KEY", secrets.get().key());
-        assertEquals("CERT", secrets.get().certificate());
+        assertTrue(secrets.get().key().startsWith("-----BEGIN EC PRIVATE KEY"));
+        assertTrue(secrets.get().certificate().startsWith("-----BEGIN CERTIFICATE"));
     }
 
     @Test