diff --git a/roles/web_server/molecule.yml b/roles/web_server/molecule.yml new file mode 100644 index 0000000000000000000000000000000000000000..0c816ac84f1faf2988d72a6c31f09f9ff8e60842 --- /dev/null +++ b/roles/web_server/molecule.yml @@ -0,0 +1,47 @@ +--- + +dependency: {} + +driver: + name: vagrant + +vagrant: + + platforms: + - name: debian-jessie64 + box: debian/contrib-jessie64 + + providers: + - name: virtualbox + type: virtualbox + options: + memory: 512 + cpus: 1 + + instances: + + - name: client1 + groups: + - client + interfaces: + - network_name: private_network + type: static + ip: 10.31.127.20 + auto_config: yes + + - name: parameters-mandatory + interfaces: + - network_name: private_network + type: static + ip: 10.31.127.30 + auto_config: yes + + - name: parameters-optional + interfaces: + - network_name: private_network + type: static + ip: 10.31.127.31 + auto_config: yes + +verifier: + name: testinfra diff --git a/roles/web_server/playbook.yml b/roles/web_server/playbook.yml new file mode 100644 index 0000000000000000000000000000000000000000..7406fb82c0c76b1e1ca869ab52632b84ebcf560d --- /dev/null +++ b/roles/web_server/playbook.yml @@ -0,0 +1,77 @@ +--- + +- hosts: all + tasks: + + - name: Update all caches to avoid errors due to missing remote archives + apt: + update_cache: yes + +- hosts: all + tasks: + + - name: Set-up /etc/hosts entries + lineinfile: + dest: /etc/hosts + line: "{{ item.key }} {{ item.value }}" + with_dict: + 10.31.127.20: "client1" + 10.31.127.30: "parameters-mandatory" + 10.31.127.31: "parameters-optional" + +- hosts: client1 + tasks: + + - name: Install tool for testing TCP connectivity + apt: + name: hping3 + state: installed + + - name: Install console-based web browser for interactive testing + apt: + name: lynx + state: installed + + - name: Deploy CA certificate + copy: + src: tests/data/x509/ca.cert.pem + dest: /usr/local/share/ca-certificates/testca.crt + owner: root + group: root + mode: 0644 + notify: + - Update CA certificate cache + + handlers: + + - name: Update CA certificate cache + command: /usr/sbin/update-ca-certificates --fresh + +- hosts: parameters-mandatory + roles: + - role: web_server + + # common + ca_certificates: + testca: "{{ lookup('file', 'tests/data/x509/ca.cert.pem') }}" + + # Common parameters (general, not role). + tls_certificate_dir: tests/data/x509/ + tls_private_key_dir: tests/data/x509/ + +- hosts: parameters-optional + roles: + - role: web_server + default_enforce_https: no + default_https_tls_certificate: "{{ lookup('file', 'tests/data/x509/parameters-optional_https.cert.pem') }}" + default_https_tls_key: "{{ lookup('file', 'tests/data/x509/parameters-optional_https.key.pem') }}" + web_default_title: "Optional Welcome" + web_default_message: "Welcome to parameters-optional, default virtual host." + web_server_tls_protocols: + - TLSv1.1 + - TLSv1.2 + web_server_tls_ciphers: "DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:!aNULL:!MD5:!EXPORT" + + # common + ca_certificates: + testca: "{{ lookup('file', 'tests/data/x509/ca.cert.pem') }}" diff --git a/roles/web_server/tasks/main.yml b/roles/web_server/tasks/main.yml index c72ce0d1f345d1ae4c426a1864e340dd2dccbf7b..bf4007f07e4f4a3b3319589d697eb4dfa1d52448 100644 --- a/roles/web_server/tasks/main.yml +++ b/roles/web_server/tasks/main.yml @@ -10,19 +10,19 @@ - name: Deploy nginx TLS private key copy: dest="/etc/ssl/private/{{ ansible_fqdn }}_https.key" content="{{ default_https_tls_key }}" - mode=640 owner=root group=root + mode=0640 owner=root group=root notify: - Restart nginx - name: Deploy nginx TLS certificate copy: dest="/etc/ssl/certs/{{ ansible_fqdn }}_https.pem" content="{{ default_https_tls_certificate }}" - mode=644 owner=root group=root + mode=0644 owner=root group=root notify: - Restart nginx - name: Deploy configuration file for checking certificate validity via cron copy: content="/etc/ssl/certs/{{ ansible_fqdn }}_https.pem" dest="/etc/check_certificate/{{ ansible_fqdn }}_https.conf" - owner=root group=root mode=644 + owner=root group=root mode=0644 - name: Remove TLS protocol configuration from the main configuration file lineinfile: dest="/etc/nginx/nginx.conf" backrefs=yes regexp="^\s*ssl_protocols" state=absent @@ -31,17 +31,17 @@ - name: Harden TLS by allowing only TLSv1.2 and PFS ciphers template: dest="/etc/nginx/conf.d/tls.conf" src="tls.conf.j2" - owner="root" group="root" mode=644 + owner="root" group="root" mode=0644 notify: - Restart nginx - name: Deploy script for verification of nginx vhost configurations copy: src="nginx_verify_site.sh" dest="/usr/local/bin/nginx_verify_site.sh" - owner=root group=root mode=755 + owner=root group=root mode=0755 - name: Deploy default vhost configuration template: src="nginx-default.j2" dest="/etc/nginx/sites-available/default" - owner=root group=root mode=640 validate="/usr/local/bin/nginx_verify_site.sh -n default %s" + owner=root group=root mode=0640 validate="/usr/local/bin/nginx_verify_site.sh -n default %s" notify: - Restart nginx @@ -52,7 +52,7 @@ - Restart nginx - name: Deploy firewall configuration for web server - copy: src="ferm_http.conf" dest="/etc/ferm/conf.d/30-web.conf" owner=root group=root mode=640 + copy: src="ferm_http.conf" dest="/etc/ferm/conf.d/30-web.conf" owner=root group=root mode=0640 notify: - Restart ferm @@ -64,11 +64,11 @@ - name: Create directory for storing the default website page file: path="/var/www/default/" state=directory - owner=root group=www-data mode=750 + owner=root group=www-data mode=0750 - name: Deploy the default index.html template: src="index.html.j2" dest=/var/www/default/index.html - owner=root group=www-data mode=640 + owner=root group=www-data mode=0640 - name: Enable nginx service service: name=nginx enabled=yes state=started @@ -81,14 +81,14 @@ - name: Create directories for storing per-site socket files file: path="{{ item }}" state="directory" - owner="root" group="www-data" mode="750" + owner="root" group="www-data" mode="0750" with_items: - "/run/wsgi/" - "/run/php5-fpm/" - name: Create directories for storing per-site socket files on boot copy: content="d /run/{{ item }}/ 0750 root www-data - -" dest="/etc/tmpfiles.d/{{ item }}.conf" - owner="root" group="root" mode=644 + owner="root" group="root" mode=0644 with_items: - wsgi - php5-fpm @@ -100,11 +100,11 @@ - name: Create directory for storing PHP FPM service configuration overrides file: path="/etc/systemd/system/php5-fpm.service.d/" state=directory - owner=root group=root mode=755 + owner=root group=root mode=0755 - name: Configure php5-fpm service to run with umask 0007 copy: src="php5_fpm_umask.conf" dest="/etc/systemd/system/php5-fpm.service.d/umask.conf" - owner=root group=root mode=644 + owner=root group=root mode=0644 notify: - Restart php5-fpm @@ -117,7 +117,7 @@ - name: Configure timezone for PHP template: src="php_timezone.ini.j2" dest="{{ item }}/30-timezone.ini" - owner=root group=root mode=644 + owner=root group=root mode=0644 with_items: - /etc/php5/cli/conf.d/ - /etc/php5/fpm/conf.d/ diff --git a/roles/web_server/tests/data/x509/ca.cert.pem b/roles/web_server/tests/data/x509/ca.cert.pem new file mode 100644 index 0000000000000000000000000000000000000000..a41785fdd72787232ac39d645f36d2a0b7b04c11 --- /dev/null +++ b/roles/web_server/tests/data/x509/ca.cert.pem @@ -0,0 +1,26 @@ +-----BEGIN CERTIFICATE----- +MIIEWTCCAsGgAwIBAgIMWVEJAy6O6Abooz68MA0GCSqGSIb3DQEBCwUAMEgxIjAg +BgNVBAMTGUV4YW1wbGUgSW5jLiBUZXN0IFNpdGUgQ0ExFTATBgNVBAoTDEV4YW1w +bGUgSW5jLjELMAkGA1UEBhMCU0UwHhcNMTcwNjI2MTMxNTQ3WhcNMzcwNjIxMTMx +NTQ3WjBIMSIwIAYDVQQDExlFeGFtcGxlIEluYy4gVGVzdCBTaXRlIENBMRUwEwYD +VQQKEwxFeGFtcGxlIEluYy4xCzAJBgNVBAYTAlNFMIIBojANBgkqhkiG9w0BAQEF +AAOCAY8AMIIBigKCAYEAufYIYdFLn8Xo8a3c0cUj7s9WEUYKDE6ETmsNFdZee2hK +qP2Li9bSr+vPjgMfi2UfxX/+i9x6LGqsIUxXVgrKlOf7R8bFg/runUI+4X1mZMJw +dBc1POhjkdfRbtfOdu1LtztW4Pc2tnyrAtmhcNHUCXNGRfDNpFKtIFe4OTA/4/eP +1EAyInHNqO2F8UgL8EDUMg9AQd4InVCPYRNlsv9j9qBVMjZiX7hoBC8k1laNkd4T +IdV6zet3+M5Fp/W9lvxFI1yPXw/xWM7K9R3nepunKniuGmjBsac/ZHCUFqJaHz5K +pXyMpSH1GTXOnIKFOldK4NYOzjCOR9Z+k63oJPZ+c7R9cKAZ7DERhS8X6MiykQ2s +hDY68i7HSZd9Dy5oLlH63evbi/tWJSG9mE/UamYuzORKR4PNwixaKQbteiDU59wK +azH5yQNGIqMSGkNgSsj9QW2NPkyNskuzCP04f77V/wSpum5PIygyuLidge9A+Vux +eb5v7XBS8Zp3Wn78JYrlAgMBAAGjQzBBMA8GA1UdEwEB/wQFMAMBAf8wDwYDVR0P +AQH/BAUDAwcGADAdBgNVHQ4EFgQUN2vbkxxpfpJMa99zhfiEllmBT2swDQYJKoZI +hvcNAQELBQADggGBADNZ9eJA3Jm5TJQoDct+FZOc16XZDlteGBxVJj+aQUlBFlJK +itvW/reR4SwZF/QRtCIzY7HN0rx0FVvfGR4sIcN2MALG+4Beee5nZR3KsNHhx895 +5ml7vqfNhnn/3/Gd7quqb2FskALfHAciuL+y0n/KcnnJ/3wZKR6xc5ON1VrwHSyI +ENxRC8/oeO9SBc9V5gG5CyELftUiGBE73IIGjV/wXiwBvgwPB+j8vrv5nQrKPsLk +b9ngSts/JSdiQH3cIbBpNoWz8Q8OIoQTt99GUKAScJX4UO7W5EHNmcCtCtOpgRg+ +Y49auOe/6A1n4rsLANZlDelhwCASQtZ04DdFl5QQpTuIOmd4l4KuNpqQ5Px+sxFu +oPenBiQkXuQn9rQaFTTSc9jVBoumRp61P0mvoGusRzjYYvdL8zYoH/246eliWgyy +60+/lgmDXpwf0a2d3fDTxuBmP1HlJYLUsS6ij+GKGgAOTCGmzygmyPOroDae+XOI +G2o8G6ziU8d8RICIng== +-----END CERTIFICATE----- diff --git a/roles/web_server/tests/data/x509/ca.key.pem b/roles/web_server/tests/data/x509/ca.key.pem new file mode 100644 index 0000000000000000000000000000000000000000..d2f3ab97e995f18f395d78cd62af20368aeb7b0f --- /dev/null +++ b/roles/web_server/tests/data/x509/ca.key.pem @@ -0,0 +1,182 @@ +Public Key Info: + Public Key Algorithm: RSA + Key Security Level: High (3072 bits) + +modulus: + 00:b9:f6:08:61:d1:4b:9f:c5:e8:f1:ad:dc:d1:c5:23 + ee:cf:56:11:46:0a:0c:4e:84:4e:6b:0d:15:d6:5e:7b + 68:4a:a8:fd:8b:8b:d6:d2:af:eb:cf:8e:03:1f:8b:65 + 1f:c5:7f:fe:8b:dc:7a:2c:6a:ac:21:4c:57:56:0a:ca + 94:e7:fb:47:c6:c5:83:fa:ee:9d:42:3e:e1:7d:66:64 + c2:70:74:17:35:3c:e8:63:91:d7:d1:6e:d7:ce:76:ed + 4b:b7:3b:56:e0:f7:36:b6:7c:ab:02:d9:a1:70:d1:d4 + 09:73:46:45:f0:cd:a4:52:ad:20:57:b8:39:30:3f:e3 + f7:8f:d4:40:32:22:71:cd:a8:ed:85:f1:48:0b:f0:40 + d4:32:0f:40:41:de:08:9d:50:8f:61:13:65:b2:ff:63 + f6:a0:55:32:36:62:5f:b8:68:04:2f:24:d6:56:8d:91 + de:13:21:d5:7a:cd:eb:77:f8:ce:45:a7:f5:bd:96:fc + 45:23:5c:8f:5f:0f:f1:58:ce:ca:f5:1d:e7:7a:9b:a7 + 2a:78:ae:1a:68:c1:b1:a7:3f:64:70:94:16:a2:5a:1f + 3e:4a:a5:7c:8c:a5:21:f5:19:35:ce:9c:82:85:3a:57 + 4a:e0:d6:0e:ce:30:8e:47:d6:7e:93:ad:e8:24:f6:7e + 73:b4:7d:70:a0:19:ec:31:11:85:2f:17:e8:c8:b2:91 + 0d:ac:84:36:3a:f2:2e:c7:49:97:7d:0f:2e:68:2e:51 + fa:dd:eb:db:8b:fb:56:25:21:bd:98:4f:d4:6a:66:2e + cc:e4:4a:47:83:cd:c2:2c:5a:29:06:ed:7a:20:d4:e7 + dc:0a:6b:31:f9:c9:03:46:22:a3:12:1a:43:60:4a:c8 + fd:41:6d:8d:3e:4c:8d:b2:4b:b3:08:fd:38:7f:be:d5 + ff:04:a9:ba:6e:4f:23:28:32:b8:b8:9d:81:ef:40:f9 + 5b:b1:79:be:6f:ed:70:52:f1:9a:77:5a:7e:fc:25:8a + e5: + +public exponent: + 01:00:01: + +private exponent: + 00:ae:08:f9:f3:41:c2:fa:b6:67:b9:b7:33:50:06:a6 + 08:5b:76:7b:18:07:53:59:30:2d:8b:b6:65:57:88:79 + 0a:33:c5:4f:f4:87:5c:f7:34:b9:06:38:2b:e8:1b:b6 + fa:33:06:04:9d:b4:2b:8a:e2:12:51:df:76:65:0a:18 + 69:9f:69:e5:d4:bb:09:37:90:95:10:68:74:f3:bd:1e + 53:72:96:d3:19:79:f5:2b:2a:54:c6:a6:6b:c5:c8:3b + 70:7e:fd:43:e3:aa:b9:43:b4:0c:ff:cf:d9:6d:12:92 + d4:7d:53:a9:25:21:ef:c5:88:4d:1a:8b:48:ca:45:20 + fe:91:56:dc:f5:8e:92:df:1c:57:9e:e1:1e:c2:3d:89 + 0e:8e:03:03:ea:20:f8:02:f2:60:1d:43:e0:0b:d3:44 + 24:8e:0c:ed:bf:43:f5:bd:49:6b:91:0b:72:a4:f2:3d + 2f:8e:cc:3d:54:7e:de:fe:1a:96:41:4e:5d:87:9f:84 + 5b:3c:92:8c:a7:73:e4:00:6a:13:02:44:d7:ad:89:31 + 50:ee:d2:ec:af:6e:47:e4:9b:59:3d:93:58:d5:71:1e + 64:f7:ac:68:85:ca:86:f7:6a:25:b0:ff:56:77:af:f4 + 50:43:49:0b:22:31:6b:79:6f:f2:74:df:7c:1b:e1:4d + 12:e7:ba:1e:65:38:ad:27:38:3b:50:6d:d0:e6:36:0e + b9:25:27:d8:31:e4:2e:be:01:b4:d8:fe:70:d2:12:ff + bb:7b:3f:f4:dc:51:83:17:33:8e:26:68:d1:89:3e:e5 + 67:00:72:e0:0f:92:83:ba:62:55:db:ae:84:7d:5e:cc + 7f:72:d0:dc:f3:88:9e:22:07:78:9a:e1:4e:e3:34:30 + 14:56:fb:80:93:f2:be:c3:cd:70:1b:fe:b0:da:41:3c + 28:9f:a8:0e:1c:79:1b:52:9a:a8:a8:cf:0e:16:f9:c0 + db:99:e9:df:4a:c3:66:7c:4f:a1:27:eb:f0:06:5e:4d + 41: + +prime1: + 00:f7:41:ab:a5:a1:23:37:e6:be:fe:85:e9:96:30:1b + c4:33:50:c8:85:5e:44:46:51:1d:3d:28:8a:21:58:2d + 3b:82:11:dc:bc:0d:76:c5:20:45:a2:34:c9:cb:85:3b + de:76:06:bc:c1:9f:4d:39:c3:63:ad:5d:0d:fe:bc:ab + 3f:2c:76:67:29:d9:a5:3d:38:af:a3:09:ff:09:ec:e9 + 15:85:04:e6:70:87:2e:ee:a0:78:26:73:a0:74:60:18 + ad:f7:8c:1a:f3:4c:07:53:b9:b8:9d:a6:d1:3f:8b:a3 + 13:87:16:a0:40:11:36:9b:f4:1e:b1:ba:b9:00:34:15 + d2:29:0d:e8:90:f7:c5:dc:c1:93:d3:e5:6e:6c:13:24 + 0f:11:cb:0d:37:ea:f9:f9:89:8e:91:71:4f:1d:5b:17 + f8:aa:94:8d:43:bf:ac:dd:d6:ec:3c:bc:70:d1:51:13 + 76:77:ef:9a:91:6d:4d:59:32:e6:97:93:d8:bb:14:60 + fd: + +prime2: + 00:c0:89:79:a8:73:86:20:c7:e9:0d:35:56:a4:d0:a8 + 37:21:76:25:e9:2f:9f:c0:e6:45:f6:27:54:56:4a:dd + 0e:c5:43:e4:ec:c5:20:97:16:5b:fc:ef:86:57:b1:e6 + ce:8b:e9:58:d4:a4:c3:a0:6d:f6:57:6d:8a:09:eb:d1 + de:63:42:81:76:9f:4c:40:f7:48:d3:99:1b:23:7d:eb + 8e:52:7b:e8:94:94:f3:d5:49:49:6e:da:38:c2:f6:b6 + 0e:27:7a:f9:4d:2b:6c:aa:a0:de:c7:b1:78:06:ee:7c + 5f:7e:33:6d:05:44:9b:9a:ca:90:12:61:a4:96:46:9b + 66:d1:8b:4c:e9:f1:21:2f:6c:26:aa:4f:56:3d:d7:03 + 8c:bf:33:24:a5:01:f5:87:a3:b2:d9:2b:82:2b:42:c4 + 5a:5d:40:84:d2:d8:7d:29:6f:69:21:a2:0b:ca:7c:46 + 34:b7:8f:29:11:2f:62:3e:87:a0:62:50:34:21:89:4a + 09: + +coefficient: + 0b:7d:31:bf:b5:89:0a:c8:2c:28:4c:41:98:ee:6f:55 + e5:69:d3:b2:1c:66:c4:da:1d:79:2d:8b:03:28:30:a3 + c9:6f:7e:94:a2:72:76:ce:1a:32:27:c6:f9:78:ae:d7 + d0:d8:af:a1:76:54:ff:2b:97:a4:5d:b5:ea:f6:a5:b3 + 08:a1:9c:46:7c:7d:80:38:32:a9:e4:09:7d:b0:e4:1f + e2:e8:e0:ef:84:f4:07:8e:4c:bc:02:72:ad:43:e6:c7 + 5a:e7:77:d1:81:27:8e:a6:bb:23:dd:14:69:cb:08:02 + 68:97:b8:ff:7f:c0:4f:43:86:d1:d8:8e:7e:9a:ae:1d + c5:ee:ae:19:03:d9:cb:f1:31:b5:7b:72:6c:cb:f8:d1 + c1:07:9a:e5:09:8f:2a:7a:92:4b:e9:1e:a0:7d:aa:ae + bd:87:60:be:77:b7:ab:de:c9:54:13:e9:6a:3c:82:cb + 94:e2:4c:bc:35:36:12:d6:0f:e1:77:58:ff:08:4e:38 + + +exp1: + 00:cb:b2:2f:5d:91:45:b9:5d:00:86:20:fe:51:fb:aa + 34:55:ee:3c:74:1b:37:f6:12:07:1b:86:55:5d:a9:0e + 02:93:62:71:cd:fe:ed:94:f2:c4:4b:20:60:0a:a9:e5 + ab:9c:e2:6a:08:bd:5b:5a:b6:0c:5d:1b:67:57:30:49 + 88:0e:f2:30:85:3a:c7:b5:8b:08:af:31:a2:09:a4:42 + 55:b7:33:55:40:e9:2d:91:eb:63:70:92:1b:63:24:73 + d0:86:3a:c7:4d:1e:9a:7e:b0:67:56:81:c2:ab:2e:37 + 97:f3:d7:81:07:a6:e6:ad:4e:4d:27:30:64:0e:b5:da + 30:3c:20:38:33:8d:dc:54:c4:a9:2b:8d:3d:0e:0e:2a + cb:bb:65:e3:aa:e8:8b:2d:b7:d4:5b:1f:d5:04:a3:32 + 39:6b:16:5c:d6:ae:87:14:6f:66:49:97:18:fe:68:63 + b7:5a:91:6b:6e:59:74:ba:82:83:93:e6:7a:4b:8d:3b + 65: + +exp2: + 17:76:29:1e:ff:c4:ce:65:cd:de:50:2b:98:b5:dc:69 + ab:68:2c:42:78:0d:2d:82:61:f0:16:e6:ce:05:1d:5e + d9:66:e6:94:7b:88:f7:20:40:61:58:06:b4:d4:f6:dd + 20:6b:74:e9:a4:92:3a:10:6c:3e:47:18:d5:10:a9:68 + 42:0c:2e:9e:77:d6:e0:eb:c1:32:17:ac:18:ed:15:31 + 28:97:f4:c5:76:49:28:2a:60:0a:64:09:1a:a8:d9:92 + 6b:f9:2e:3b:db:18:c8:ca:05:9b:ab:e2:86:65:b5:3e + 25:b0:ba:8e:33:c8:0a:5a:b8:a7:a4:c2:5b:95:8b:06 + 42:6e:89:16:d0:cd:4c:6c:0f:62:1d:7c:d2:d8:4a:94 + 72:10:17:5d:0c:1a:11:47:3f:59:fb:55:47:54:41:7d + 09:73:fd:3b:7c:29:f4:4c:a1:30:fa:00:19:d2:7e:f3 + 99:92:96:5c:83:bb:a3:06:ff:e2:3b:07:bf:36:6d:91 + + + +Public Key PIN: + pin-sha256:PbmtyJHWZjCUw6fCLCaAjguYDFU4CDEaD02/yWpD5bI= +Public Key ID: + sha256:3db9adc891d6663094c3a7c22c26808e0b980c553808311a0f4dbfc96a43e5b2 + sha1:376bdb931c697e924c6bdf7385f8849659814f6b + +-----BEGIN RSA PRIVATE KEY----- +MIIG5AIBAAKCAYEAufYIYdFLn8Xo8a3c0cUj7s9WEUYKDE6ETmsNFdZee2hKqP2L +i9bSr+vPjgMfi2UfxX/+i9x6LGqsIUxXVgrKlOf7R8bFg/runUI+4X1mZMJwdBc1 +POhjkdfRbtfOdu1LtztW4Pc2tnyrAtmhcNHUCXNGRfDNpFKtIFe4OTA/4/eP1EAy +InHNqO2F8UgL8EDUMg9AQd4InVCPYRNlsv9j9qBVMjZiX7hoBC8k1laNkd4TIdV6 +zet3+M5Fp/W9lvxFI1yPXw/xWM7K9R3nepunKniuGmjBsac/ZHCUFqJaHz5KpXyM +pSH1GTXOnIKFOldK4NYOzjCOR9Z+k63oJPZ+c7R9cKAZ7DERhS8X6MiykQ2shDY6 +8i7HSZd9Dy5oLlH63evbi/tWJSG9mE/UamYuzORKR4PNwixaKQbteiDU59wKazH5 +yQNGIqMSGkNgSsj9QW2NPkyNskuzCP04f77V/wSpum5PIygyuLidge9A+Vuxeb5v +7XBS8Zp3Wn78JYrlAgMBAAECggGBAK4I+fNBwvq2Z7m3M1AGpghbdnsYB1NZMC2L +tmVXiHkKM8VP9Idc9zS5Bjgr6Bu2+jMGBJ20K4riElHfdmUKGGmfaeXUuwk3kJUQ +aHTzvR5TcpbTGXn1KypUxqZrxcg7cH79Q+OquUO0DP/P2W0SktR9U6klIe/FiE0a +i0jKRSD+kVbc9Y6S3xxXnuEewj2JDo4DA+og+ALyYB1D4AvTRCSODO2/Q/W9SWuR +C3Kk8j0vjsw9VH7e/hqWQU5dh5+EWzySjKdz5ABqEwJE162JMVDu0uyvbkfkm1k9 +k1jVcR5k96xohcqG92olsP9Wd6/0UENJCyIxa3lv8nTffBvhTRLnuh5lOK0nODtQ +bdDmNg65JSfYMeQuvgG02P5w0hL/u3s/9NxRgxczjiZo0Yk+5WcAcuAPkoO6YlXb +roR9Xsx/ctDc84ieIgd4muFO4zQwFFb7gJPyvsPNcBv+sNpBPCifqA4ceRtSmqio +zw4W+cDbmenfSsNmfE+hJ+vwBl5NQQKBwQD3QauloSM35r7+hemWMBvEM1DIhV5E +RlEdPSiKIVgtO4IR3LwNdsUgRaI0ycuFO952BrzBn005w2OtXQ3+vKs/LHZnKdml +PTivown/CezpFYUE5nCHLu6geCZzoHRgGK33jBrzTAdTubidptE/i6MThxagQBE2 +m/Qesbq5ADQV0ikN6JD3xdzBk9PlbmwTJA8Ryw036vn5iY6RcU8dWxf4qpSNQ7+s +3dbsPLxw0VETdnfvmpFtTVky5peT2LsUYP0CgcEAwIl5qHOGIMfpDTVWpNCoNyF2 +Jekvn8DmRfYnVFZK3Q7FQ+TsxSCXFlv874ZXsebOi+lY1KTDoG32V22KCevR3mNC +gXafTED3SNOZGyN9645Se+iUlPPVSUlu2jjC9rYOJ3r5TStsqqDex7F4Bu58X34z +bQVEm5rKkBJhpJZGm2bRi0zp8SEvbCaqT1Y91wOMvzMkpQH1h6Oy2SuCK0LEWl1A +hNLYfSlvaSGiC8p8RjS3jykRL2I+h6BiUDQhiUoJAoHBAMuyL12RRbldAIYg/lH7 +qjRV7jx0Gzf2EgcbhlVdqQ4Ck2Jxzf7tlPLESyBgCqnlq5ziagi9W1q2DF0bZ1cw +SYgO8jCFOse1iwivMaIJpEJVtzNVQOktketjcJIbYyRz0IY6x00emn6wZ1aBwqsu +N5fz14EHpuatTk0nMGQOtdowPCA4M43cVMSpK409Dg4qy7tl46roiy231Fsf1QSj +MjlrFlzWrocUb2ZJlxj+aGO3WpFrbll0uoKDk+Z6S407ZQKBwBd2KR7/xM5lzd5Q +K5i13GmraCxCeA0tgmHwFubOBR1e2WbmlHuI9yBAYVgGtNT23SBrdOmkkjoQbD5H +GNUQqWhCDC6ed9bg68EyF6wY7RUxKJf0xXZJKCpgCmQJGqjZkmv5LjvbGMjKBZur +4oZltT4lsLqOM8gKWrinpMJblYsGQm6JFtDNTGwPYh180thKlHIQF10MGhFHP1n7 +VUdUQX0Jc/07fCn0TKEw+gAZ0n7zmZKWXIO7owb/4jsHvzZtkQKBwAt9Mb+1iQrI +LChMQZjub1XladOyHGbE2h15LYsDKDCjyW9+lKJyds4aMifG+Xiu19DYr6F2VP8r +l6Rdter2pbMIoZxGfH2AODKp5Al9sOQf4ujg74T0B45MvAJyrUPmx1rnd9GBJ46m +uyPdFGnLCAJol7j/f8BPQ4bR2I5+mq4dxe6uGQPZy/ExtXtybMv40cEHmuUJjyp6 +kkvpHqB9qq69h2C+d7er3slUE+lqPILLlOJMvDU2EtYP4XdY/whOOA== +-----END RSA PRIVATE KEY----- diff --git a/roles/web_server/tests/data/x509/parameters-mandatory_https.key b/roles/web_server/tests/data/x509/parameters-mandatory_https.key new file mode 100644 index 0000000000000000000000000000000000000000..7ff97f129be270d3d8711d21ac562d86fbc6a46d --- /dev/null +++ b/roles/web_server/tests/data/x509/parameters-mandatory_https.key @@ -0,0 +1,134 @@ +Public Key Info: + Public Key Algorithm: RSA + Key Security Level: Medium (2048 bits) + +modulus: + 00:c0:7c:c1:64:b5:42:b5:c1:38:e8:02:5e:88:40:a2 + c5:d3:de:7e:72:77:d4:d9:72:88:62:05:85:75:67:96 + 09:97:2c:9b:91:58:0f:83:ef:c7:64:1e:53:ed:0f:3c + 10:e2:97:a3:20:c3:aa:f8:16:22:55:d8:e9:0a:19:9f + e7:3b:81:76:79:27:eb:56:c5:13:9f:f1:18:0b:e4:94 + 1b:d8:91:1e:65:64:b4:8c:5c:8d:79:f4:4d:e2:0a:5d + a5:53:82:27:b0:a7:da:19:8a:0b:f2:e2:da:87:b9:4e + 98:47:1a:1c:b6:4a:15:52:40:e0:21:67:a1:3c:88:dd + e2:fb:37:53:9c:1d:69:17:a8:85:7a:03:a6:87:d4:c0 + ea:da:73:7c:d9:91:e6:5f:aa:3d:28:dd:3d:33:aa:76 + 82:88:a0:5b:26:67:72:11:b2:16:03:78:c7:5c:cf:11 + f3:66:17:53:6e:ac:01:c7:7f:7a:57:a7:9e:c0:4d:74 + 3e:f2:5a:89:bf:c4:16:8f:b9:7f:c1:bb:b7:8b:b1:96 + 9e:5f:ac:84:fa:01:66:57:ba:46:a5:7e:da:09:e8:bb + 4a:26:13:44:b9:44:31:b7:82:6f:a5:8e:6c:23:8b:ea + 0c:af:42:88:6c:a7:24:82:51:60:42:cf:b3:8d:54:f2 + 23: + +public exponent: + 01:00:01: + +private exponent: + 00:b5:dd:e9:d7:de:4f:3e:6d:66:f8:07:2d:0c:2d:8d + dd:be:75:ed:20:f8:49:ba:7e:35:8f:ef:c9:8e:09:26 + 40:bf:7e:1d:2a:71:7a:8f:5d:21:16:5e:75:4b:79:66 + 76:49:b1:9e:26:99:d9:52:f7:8e:cf:6f:d7:97:7c:68 + 91:d0:ae:5c:a2:d2:6d:d0:18:fa:96:d6:f3:b2:60:f0 + f3:72:66:82:c2:a8:28:d2:a9:ab:de:7b:4e:8e:f0:de + 54:13:97:d9:2a:57:1d:81:9d:e5:f6:42:12:d9:c3:e3 + 17:8b:ae:87:4c:50:a8:de:83:7f:80:f0:69:ee:49:1e + e2:ef:a8:f2:f7:b1:0f:a1:f8:64:0e:8d:6b:f8:e8:5e + 52:24:f5:44:8d:23:76:e0:90:a4:f6:3b:98:46:93:58 + 3f:52:b1:12:f2:6f:02:96:40:0e:18:4d:19:20:20:3a + 33:6c:cd:2e:05:c0:1a:bf:6c:74:c3:02:bb:9a:7f:e5 + 4e:bf:47:d6:c8:ee:71:43:d0:6f:f6:4f:72:65:ec:1a + 76:91:18:97:6f:e7:21:df:22:9d:02:97:83:5b:52:ca + 86:6f:07:74:67:70:80:85:d2:44:0c:b6:f6:b3:10:f2 + b8:45:e9:8c:d1:c2:e7:67:6d:00:78:0e:30:c7:76:0f + 31: + +prime1: + 00:cf:69:36:e8:83:17:46:22:20:ec:59:24:f7:16:4f + 8e:08:69:0d:29:32:24:9d:90:fb:8e:97:65:ba:3b:50 + 5e:ca:92:cd:9d:4f:fb:e3:7b:2b:41:58:6c:3a:e8:cd + 91:d9:14:b1:e0:22:d6:df:ec:c8:06:e4:85:f7:00:f0 + 53:a7:89:20:21:d8:ff:a9:3a:4d:59:06:30:04:fa:98 + fd:60:bf:6f:3c:79:c3:ad:79:91:1c:a6:94:00:44:be + e7:43:59:5c:21:ab:1f:aa:c7:5b:e4:ad:d7:00:4c:13 + 7d:63:89:af:4c:b6:ea:86:b2:59:1d:c8:f7:ee:94:1e + 7b: + +prime2: + 00:ed:94:8b:24:82:ab:89:6a:16:d9:75:4b:a6:0c:fa + 1f:84:13:0d:df:b6:33:6d:30:bc:a5:ee:f1:e3:3f:bf + fd:9e:c9:a8:21:1e:49:8b:a8:d1:d7:f2:49:24:a5:b7 + 89:00:13:e7:a8:83:e6:00:09:fa:85:f2:a4:93:06:9f + 22:fd:c2:b0:a7:42:ca:20:17:d0:c6:41:14:6b:f1:71 + aa:eb:81:b3:d9:b9:30:a8:0f:41:07:74:a2:0e:32:2a + 43:7f:f8:7b:c9:3e:34:fe:e1:b9:a2:4f:f5:7a:aa:9d + 96:92:dc:98:2b:63:2d:07:5d:75:55:fd:7f:5f:56:7e + 79: + +coefficient: + 60:71:c7:2c:4c:6e:e5:a5:38:ec:28:3f:54:9b:d7:4c + 97:be:78:99:51:75:43:38:9a:8b:7e:d6:5a:c6:97:cc + ae:3b:34:83:aa:fc:f3:51:1a:69:38:b4:88:2e:f4:63 + 66:2f:23:92:3b:29:16:e1:52:91:37:d0:b3:e7:aa:2e + b6:b1:00:0a:a5:64:82:b0:8e:2f:25:9b:6f:eb:9f:56 + 46:57:75:9f:e6:65:36:42:c2:c9:e0:1c:b9:5d:b9:eb + 94:86:29:36:87:fc:92:5d:9a:ac:d9:c7:f9:b4:28:24 + 43:f2:4a:51:20:3b:db:9b:7f:a4:8f:d8:e4:6f:6a:94 + + +exp1: + 57:09:c2:1f:04:94:09:bc:5c:b0:92:20:2f:08:4f:ce + 3c:bd:48:e6:96:c2:42:d5:0a:9b:a5:f0:ec:9b:e3:78 + 43:ee:23:16:f6:ef:af:60:8a:a0:5b:68:df:b7:be:3c + 8c:2a:61:12:bb:cc:0c:20:23:38:b1:41:7e:8c:08:4e + 32:aa:1a:af:d9:8e:40:07:d5:59:9c:7d:1e:39:c3:65 + e0:e9:b4:d6:5e:0a:bd:8b:9c:57:b7:97:b8:1d:21:37 + 8f:4d:ba:99:ee:63:d5:98:df:79:31:72:5e:0f:8e:c6 + 39:b5:17:b9:4b:b1:53:61:18:80:a5:4b:55:f5:16:6d + + +exp2: + 4c:59:51:41:e1:70:48:cf:bc:1a:14:14:c4:7f:25:1e + 5d:ae:55:e6:0f:c2:85:13:85:7c:79:c6:68:36:43:77 + b8:c0:ab:74:41:2c:77:62:40:55:7a:7a:40:f9:b4:7a + a5:78:c0:18:aa:92:8e:6e:a6:80:c7:52:56:21:69:a0 + b0:16:11:f9:1e:80:a0:41:a7:09:1f:3e:f5:d5:78:a6 + e9:da:1b:b7:1b:49:64:a8:ca:48:20:16:38:23:ac:eb + 56:43:bf:5c:13:ce:aa:1e:56:2e:b0:2d:7e:47:38:2f + 7c:70:c1:c2:27:b3:ff:ca:eb:fb:3f:64:e0:79:86:59 + + + +Public Key PIN: + pin-sha256:8WMSWb7fAo1Mu4r8Cib3aGoqGUoXIP093eQI/lKAJ3g= +Public Key ID: + sha256:f1631259bedf028d4cbb8afc0a26f7686a2a194a1720fd3ddde408fe52802778 + sha1:2eb1121201a8f84def83e27fec8c60323f488a23 + +-----BEGIN RSA PRIVATE KEY----- +MIIEowIBAAKCAQEAwHzBZLVCtcE46AJeiECixdPefnJ31NlyiGIFhXVnlgmXLJuR +WA+D78dkHlPtDzwQ4pejIMOq+BYiVdjpChmf5zuBdnkn61bFE5/xGAvklBvYkR5l +ZLSMXI159E3iCl2lU4InsKfaGYoL8uLah7lOmEcaHLZKFVJA4CFnoTyI3eL7N1Oc +HWkXqIV6A6aH1MDq2nN82ZHmX6o9KN09M6p2goigWyZnchGyFgN4x1zPEfNmF1Nu +rAHHf3pXp57ATXQ+8lqJv8QWj7l/wbu3i7GWnl+shPoBZle6RqV+2gnou0omE0S5 +RDG3gm+ljmwji+oMr0KIbKckglFgQs+zjVTyIwIDAQABAoIBAQC13enX3k8+bWb4 +By0MLY3dvnXtIPhJun41j+/JjgkmQL9+HSpxeo9dIRZedUt5ZnZJsZ4mmdlS947P +b9eXfGiR0K5cotJt0Bj6ltbzsmDw83JmgsKoKNKpq957To7w3lQTl9kqVx2BneX2 +QhLZw+MXi66HTFCo3oN/gPBp7kke4u+o8vexD6H4ZA6Na/joXlIk9USNI3bgkKT2 +O5hGk1g/UrES8m8ClkAOGE0ZICA6M2zNLgXAGr9sdMMCu5p/5U6/R9bI7nFD0G/2 +T3Jl7Bp2kRiXb+ch3yKdApeDW1LKhm8HdGdwgIXSRAy29rMQ8rhF6YzRwudnbQB4 +DjDHdg8xAoGBAM9pNuiDF0YiIOxZJPcWT44IaQ0pMiSdkPuOl2W6O1BeypLNnU/7 +43srQVhsOujNkdkUseAi1t/syAbkhfcA8FOniSAh2P+pOk1ZBjAE+pj9YL9vPHnD +rXmRHKaUAES+50NZXCGrH6rHW+St1wBME31jia9MtuqGslkdyPfulB57AoGBAO2U +iySCq4lqFtl1S6YM+h+EEw3ftjNtMLyl7vHjP7/9nsmoIR5Ji6jR1/JJJKW3iQAT +56iD5gAJ+oXypJMGnyL9wrCnQsogF9DGQRRr8XGq64Gz2bkwqA9BB3SiDjIqQ3/4 +e8k+NP7huaJP9XqqnZaS3JgrYy0HXXVV/X9fVn55AoGAVwnCHwSUCbxcsJIgLwhP +zjy9SOaWwkLVCpul8Oyb43hD7iMW9u+vYIqgW2jft748jCphErvMDCAjOLFBfowI +TjKqGq/ZjkAH1VmcfR45w2Xg6bTWXgq9i5xXt5e4HSE3j026me5j1ZjfeTFyXg+O +xjm1F7lLsVNhGIClS1X1Fm0CgYBMWVFB4XBIz7waFBTEfyUeXa5V5g/ChROFfHnG +aDZDd7jAq3RBLHdiQFV6ekD5tHqleMAYqpKObqaAx1JWIWmgsBYR+R6AoEGnCR8+ +9dV4punaG7cbSWSoykggFjgjrOtWQ79cE86qHlYusC1+RzgvfHDBwiez/8rr+z9k +4HmGWQKBgGBxxyxMbuWlOOwoP1Sb10yXvniZUXVDOJqLftZaxpfMrjs0g6r881Ea +aTi0iC70Y2YvI5I7KRbhUpE30LPnqi62sQAKpWSCsI4vJZtv659WRld1n+ZlNkLC +yeAcuV2565SGKTaH/JJdmqzZx/m0KCRD8kpRIDvbm3+kj9jkb2qU +-----END RSA PRIVATE KEY----- diff --git a/roles/web_server/tests/data/x509/parameters-mandatory_https.pem b/roles/web_server/tests/data/x509/parameters-mandatory_https.pem new file mode 100644 index 0000000000000000000000000000000000000000..7f3d8cec073d531079baeaea6a4fa250b56e38b0 --- /dev/null +++ b/roles/web_server/tests/data/x509/parameters-mandatory_https.pem @@ -0,0 +1,25 @@ +-----BEGIN CERTIFICATE----- +MIIELDCCApSgAwIBAgIMWWXRlyNKFAsg+sh2MA0GCSqGSIb3DQEBCwUAMEgxIjAg +BgNVBAMTGUV4YW1wbGUgSW5jLiBUZXN0IFNpdGUgQ0ExFTATBgNVBAoTDEV4YW1w +bGUgSW5jLjELMAkGA1UEBhMCU0UwHhcNMTcwNzEyMDczNjU1WhcNMjcwNzEwMDcz +NjU1WjBFMR8wHQYDVQQDExZFeGFtcGUgSW5jLiBXZWIgU2VydmVyMRUwEwYDVQQK +EwxFeGFtcGxlIEluYy4xCzAJBgNVBAYTAlNFMIIBIjANBgkqhkiG9w0BAQEFAAOC +AQ8AMIIBCgKCAQEAwHzBZLVCtcE46AJeiECixdPefnJ31NlyiGIFhXVnlgmXLJuR +WA+D78dkHlPtDzwQ4pejIMOq+BYiVdjpChmf5zuBdnkn61bFE5/xGAvklBvYkR5l +ZLSMXI159E3iCl2lU4InsKfaGYoL8uLah7lOmEcaHLZKFVJA4CFnoTyI3eL7N1Oc +HWkXqIV6A6aH1MDq2nN82ZHmX6o9KN09M6p2goigWyZnchGyFgN4x1zPEfNmF1Nu +rAHHf3pXp57ATXQ+8lqJv8QWj7l/wbu3i7GWnl+shPoBZle6RqV+2gnou0omE0S5 +RDG3gm+ljmwji+oMr0KIbKckglFgQs+zjVTyIwIDAQABo4GYMIGVMAwGA1UdEwEB +/wQCMAAwHwYDVR0RBBgwFoIUcGFyYW1ldGVycy1tYW5kYXRvcnkwEwYDVR0lBAww +CgYIKwYBBQUHAwEwDwYDVR0PAQH/BAUDAwegADAdBgNVHQ4EFgQULrESEgGo+E3v +g+J/7IxgMj9IiiMwHwYDVR0jBBgwFoAUN2vbkxxpfpJMa99zhfiEllmBT2swDQYJ +KoZIhvcNAQELBQADggGBAI1mG7d1wPpA40JmBYll2KasIH/ldLN2eu8rAdM00Rep +KPeMCwOEIoJp3LZL43fubQKP0okw1JstskQt6PPNbL53I8hIhUmKUQEEYXG3AIB8 +p7w2BSq+ROV3Te3Eu+aSCT+sXGnu7FPbioMoZb90tHdZWxMvDGGN/HNXFevM0h5j +8vf6O+HlBLXU5mClpyD95OR+ULvYwWWhFwWar6mM0l2ByffJzl21iRZT5pBnnEQY +7A9RhUwb7f++uByPlKl08OGAaf2fl9VQUIK2mbjRu3ARfFQWyB+8Mq3EqkYSxRA3 +dpe+thQ8u4dUddJnDdHT5L0/odkCWHfN7512+kCbV4fYq+iSWnIBF6yEa09WLLdq +a5PHo/GGcA8P2SBGh0Jay/NSKpaIGhrCYp5mxiXm60oAHMYPXHZW0U28vtlAXkJb +KeCCgR/4Wa0G0QnbiT29s5yDIYy3YgSL+3Ug3y0XGRKMaMzVNA4p4CBbJo1ybhVu +XMygMYr+69hXbaCoeWn2Bg== +-----END CERTIFICATE----- diff --git a/roles/web_server/tests/data/x509/parameters-optional_https.cert.pem b/roles/web_server/tests/data/x509/parameters-optional_https.cert.pem new file mode 100644 index 0000000000000000000000000000000000000000..335f9d4aef95d7e9b461ed0a27dd0a223b55e16d --- /dev/null +++ b/roles/web_server/tests/data/x509/parameters-optional_https.cert.pem @@ -0,0 +1,25 @@ +-----BEGIN CERTIFICATE----- +MIIEKzCCApOgAwIBAgIMWWXRmCeSoIhqvQfnMA0GCSqGSIb3DQEBCwUAMEgxIjAg +BgNVBAMTGUV4YW1wbGUgSW5jLiBUZXN0IFNpdGUgQ0ExFTATBgNVBAoTDEV4YW1w +bGUgSW5jLjELMAkGA1UEBhMCU0UwHhcNMTcwNzEyMDczNjU2WhcNMjcwNzEwMDcz +NjU2WjBFMR8wHQYDVQQDExZFeGFtcGUgSW5jLiBXZWIgU2VydmVyMRUwEwYDVQQK +EwxFeGFtcGxlIEluYy4xCzAJBgNVBAYTAlNFMIIBIjANBgkqhkiG9w0BAQEFAAOC +AQ8AMIIBCgKCAQEAv9ZxKssqSrZYoFKjrKt/yU101GnxZ2cC/q2x7NidAU1i5bMI +EK6Dlof9NxzlvlOZ41gwucYcMWKzWwZUwUx3VLLlmmspPolNKY9UG0+/p5Zmfe+c +O/2vFjYda6ObzrcJfBu7C+wq7ufE52HdfBDOkapF+HFmqEPKWsbeR7pDjjYoMDTe +nIDPePEl9QFhCkjJtFuWpnf6PP+tsEU/k97ppteGt/lMpLS/mfah9pZE/6988nK2 +ohsoGUy1+I+nV7EyDO9T7HYS1smFjgteaR6X5P+uoMs1hSxlvVAUdto2ffhMU2Z8 +7CjjJYUym+dpBJ1XL4y0cXQwV05p4hzT01qulQIDAQABo4GXMIGUMAwGA1UdEwEB +/wQCMAAwHgYDVR0RBBcwFYITcGFyYW1ldGVycy1vcHRpb25hbDATBgNVHSUEDDAK +BggrBgEFBQcDATAPBgNVHQ8BAf8EBQMDB6AAMB0GA1UdDgQWBBR4/gHLUWZTpv/x +u6Xd1BR1AJQiUzAfBgNVHSMEGDAWgBQ3a9uTHGl+kkxr33OF+ISWWYFPazANBgkq +hkiG9w0BAQsFAAOCAYEAF0bfsvks3T8M306E+6+Usi9bKrvZvSAKhNKFD4MEb10D +OifcMwOwLLdLenzIV+O9ZZAXY6au7ShHc2plbor4Nppv+NECtsEBI5OsBBUcEq3u +6ixauleIofTV3bMED1StyYuKHA8Dz25F1DP00Q5qgTuP/YVXe7KYwNszimOWT2BH +jKB5rxIjdrpU5ZUK3X1Cb6Ti5ftwREozMznKlpzq7mvfC0D58+BTuTiclUclKBk1 +Q65frzfu4YrFdDZEed/Wp4f5Miii08gpCLGQTj/S5f9F7stZiPmxXqLonr1IXXNV +ho8SHsd0IDcIvqyFunRaPn0+VAbmiXcBu/R0ImKy839JtJZeRONQmnoVjj8CCUm1 +lNy7mha5ccm1eP0QpHBBdGij+O8WgwYv+NZkDt93bUr6U7vJV9QfwNJ5+dn41QcC +x3obV4bYIlfc4MjGKqCPqViOA+caEHCYOEtlXpuiLJDeMvHl8fE/TOZ7cS4puIgy +nGRU/4/q9K5UQKWn93iq +-----END CERTIFICATE----- diff --git a/roles/web_server/tests/data/x509/parameters-optional_https.key.pem b/roles/web_server/tests/data/x509/parameters-optional_https.key.pem new file mode 100644 index 0000000000000000000000000000000000000000..a5615da56f3ddf5c19e9c973cb7cb7573a6c4737 --- /dev/null +++ b/roles/web_server/tests/data/x509/parameters-optional_https.key.pem @@ -0,0 +1,134 @@ +Public Key Info: + Public Key Algorithm: RSA + Key Security Level: Medium (2048 bits) + +modulus: + 00:bf:d6:71:2a:cb:2a:4a:b6:58:a0:52:a3:ac:ab:7f + c9:4d:74:d4:69:f1:67:67:02:fe:ad:b1:ec:d8:9d:01 + 4d:62:e5:b3:08:10:ae:83:96:87:fd:37:1c:e5:be:53 + 99:e3:58:30:b9:c6:1c:31:62:b3:5b:06:54:c1:4c:77 + 54:b2:e5:9a:6b:29:3e:89:4d:29:8f:54:1b:4f:bf:a7 + 96:66:7d:ef:9c:3b:fd:af:16:36:1d:6b:a3:9b:ce:b7 + 09:7c:1b:bb:0b:ec:2a:ee:e7:c4:e7:61:dd:7c:10:ce + 91:aa:45:f8:71:66:a8:43:ca:5a:c6:de:47:ba:43:8e + 36:28:30:34:de:9c:80:cf:78:f1:25:f5:01:61:0a:48 + c9:b4:5b:96:a6:77:fa:3c:ff:ad:b0:45:3f:93:de:e9 + a6:d7:86:b7:f9:4c:a4:b4:bf:99:f6:a1:f6:96:44:ff + af:7c:f2:72:b6:a2:1b:28:19:4c:b5:f8:8f:a7:57:b1 + 32:0c:ef:53:ec:76:12:d6:c9:85:8e:0b:5e:69:1e:97 + e4:ff:ae:a0:cb:35:85:2c:65:bd:50:14:76:da:36:7d + f8:4c:53:66:7c:ec:28:e3:25:85:32:9b:e7:69:04:9d + 57:2f:8c:b4:71:74:30:57:4e:69:e2:1c:d3:d3:5a:ae + 95: + +public exponent: + 01:00:01: + +private exponent: + 00:bf:c2:35:a1:17:30:91:3a:30:e1:21:7a:26:91:cf + cc:83:36:73:55:eb:4e:f7:33:91:2c:43:1c:83:72:7d + e8:c3:20:e4:92:fd:49:d4:93:56:20:11:45:3b:89:c2 + bb:a2:fb:76:c9:5c:74:b6:10:f9:43:d5:d2:46:de:8e + b2:05:99:69:80:10:dc:48:16:ef:a2:2b:ea:99:0e:f5 + 10:6c:27:1a:aa:cb:74:cb:dd:a1:fe:4a:a8:62:88:81 + 82:63:a2:bc:98:30:5c:c2:2e:bf:2e:a3:2e:e8:63:4c + 79:63:01:4a:54:e0:ce:f5:e4:82:55:23:c0:03:3a:a0 + 1d:58:32:9b:8d:2c:22:09:d6:9d:88:b6:60:3c:2b:8e + 94:d8:9e:54:b9:fa:30:c1:31:54:dc:ff:05:cf:39:e6 + fe:e1:48:70:a0:3e:55:d3:af:93:ac:5e:68:99:f9:87 + de:cd:92:08:fa:e9:46:e3:a4:87:1c:43:4d:be:58:e8 + 95:21:fa:62:7f:cf:b4:f4:8c:4b:be:36:5b:e6:60:f0 + 9e:39:ce:dc:99:89:2c:fc:cb:47:c0:1e:19:59:03:2d + ee:aa:11:6e:55:e3:6e:01:d9:0d:97:01:88:fc:39:a1 + 2c:42:4e:5f:81:4c:b0:2c:a7:3f:fe:6c:95:60:da:78 + 09: + +prime1: + 00:c4:09:cc:33:c9:d0:e2:f7:de:e8:74:a7:e8:86:ba + ff:2b:84:f3:c8:9f:79:93:91:5f:09:6b:f3:65:17:f8 + bd:f9:0d:ba:43:59:05:0f:ac:df:af:8d:45:84:99:58 + 46:28:88:5d:f5:c6:47:73:72:52:e6:17:3b:fc:60:bf + 67:13:cd:d9:76:22:a5:d9:68:84:4e:99:f0:de:6e:ab + 1e:3b:4a:a4:2c:8f:e8:87:08:c5:55:74:5f:0e:6d:5b + 8a:2e:4c:67:92:5b:ba:52:98:2a:44:e5:0a:e2:4c:d2 + 06:56:aa:4b:4c:02:63:6f:e3:7f:8d:d5:06:7b:fd:1d + bb: + +prime2: + 00:fa:83:ba:65:57:f2:3f:44:d2:bf:b9:aa:58:2e:7a + 66:29:71:c5:47:08:44:c7:f7:52:82:e9:c3:0c:99:c2 + 19:55:1d:b8:88:3e:05:21:5b:f2:5a:d4:9d:97:4f:18 + 2a:72:96:4e:b1:cc:0a:4d:47:0f:51:46:0d:e4:3a:1b + af:2f:bf:82:08:e6:1b:1e:cf:26:24:ae:9b:a4:a1:b8 + 56:46:8a:1e:15:a5:ec:27:77:ea:2b:d3:3d:86:81:92 + 37:a0:7e:26:9d:46:d1:31:4a:9e:b6:8a:21:fe:03:4b + 95:fc:6d:63:73:31:80:e6:5b:62:1a:c5:62:4b:0e:77 + ef: + +coefficient: + 00:d8:13:a7:95:31:7d:84:3f:0a:59:0c:28:ab:79:36 + 3e:a0:ec:9c:5e:4c:5a:ec:ab:95:e3:c9:33:b0:dd:f0 + 70:7f:76:5c:27:78:5d:cb:8c:cc:2c:b6:81:59:aa:e0 + d7:2d:44:69:a6:a7:84:3b:57:e2:2f:75:63:6e:e8:2c + 9a:02:0e:9c:d0:6a:c0:aa:14:c7:ef:3f:29:c8:ce:58 + 95:bf:dd:9e:b0:f4:aa:f5:7a:7c:ad:dc:d2:85:92:19 + 33:5a:8e:3e:9d:a1:25:d6:78:fa:35:e9:7f:d9:4c:82 + d5:d7:d8:d1:9c:81:11:a5:b6:db:6e:a3:76:56:52:25 + + +exp1: + 00:af:d3:89:cf:39:47:9d:0a:6c:67:59:99:ef:b8:47 + a7:ed:c4:85:52:7f:96:6f:80:87:18:d0:35:b1:8a:5a + 93:28:f9:e3:01:dc:a9:e9:71:47:ff:10:5a:35:9f:c3 + c8:c9:39:e5:ec:36:36:87:99:16:39:40:c5:90:8a:c5 + a1:11:e6:23:11:0d:ea:6a:a0:8f:6a:60:2f:e5:90:a4 + f1:ac:84:39:d3:ae:0f:04:6e:1d:6f:93:bc:5e:18:3f + 6e:24:30:6b:04:9e:38:f3:33:7f:55:e3:88:6b:88:33 + 27:74:3b:b0:e5:2f:8f:38:1f:77:9c:22:60:7a:7c:7f + 59: + +exp2: + 0c:91:7f:50:86:51:09:0b:92:e7:3b:91:68:4b:2c:a8 + e3:7b:69:c2:5e:8f:d4:d8:7b:b3:45:b7:1b:72:bb:62 + 39:fa:fb:bf:1a:1d:77:c6:fd:29:c1:71:06:9e:59:40 + 07:ef:b2:93:09:01:9b:4e:ed:5d:ce:7d:f3:ed:56:66 + 3b:a7:08:07:1a:44:52:0f:62:82:84:a0:1a:6a:62:ad + 31:6c:cc:85:99:85:77:95:74:92:2e:4e:ef:e8:a0:45 + 5a:2f:fa:0f:f9:f5:94:db:81:8a:f6:f3:2d:a3:4c:af + 81:b2:9b:42:b4:41:1b:4d:8a:66:7d:70:a9:03:58:d1 + + + +Public Key PIN: + pin-sha256:G3mZxFiYbGtQG0dRntwpjZ9BTUJeuC08FJg433eyPbg= +Public Key ID: + sha256:1b7999c458986c6b501b47519edc298d9f414d425eb82d3c149838df77b23db8 + sha1:78fe01cb516653a6fff1bba5ddd4147500942253 + +-----BEGIN RSA PRIVATE KEY----- +MIIEpAIBAAKCAQEAv9ZxKssqSrZYoFKjrKt/yU101GnxZ2cC/q2x7NidAU1i5bMI +EK6Dlof9NxzlvlOZ41gwucYcMWKzWwZUwUx3VLLlmmspPolNKY9UG0+/p5Zmfe+c +O/2vFjYda6ObzrcJfBu7C+wq7ufE52HdfBDOkapF+HFmqEPKWsbeR7pDjjYoMDTe +nIDPePEl9QFhCkjJtFuWpnf6PP+tsEU/k97ppteGt/lMpLS/mfah9pZE/6988nK2 +ohsoGUy1+I+nV7EyDO9T7HYS1smFjgteaR6X5P+uoMs1hSxlvVAUdto2ffhMU2Z8 +7CjjJYUym+dpBJ1XL4y0cXQwV05p4hzT01qulQIDAQABAoIBAQC/wjWhFzCROjDh +IXomkc/MgzZzVetO9zORLEMcg3J96MMg5JL9SdSTViARRTuJwrui+3bJXHS2EPlD +1dJG3o6yBZlpgBDcSBbvoivqmQ71EGwnGqrLdMvdof5KqGKIgYJjoryYMFzCLr8u +oy7oY0x5YwFKVODO9eSCVSPAAzqgHVgym40sIgnWnYi2YDwrjpTYnlS5+jDBMVTc +/wXPOeb+4UhwoD5V06+TrF5omfmH3s2SCPrpRuOkhxxDTb5Y6JUh+mJ/z7T0jEu+ +NlvmYPCeOc7cmYks/MtHwB4ZWQMt7qoRblXjbgHZDZcBiPw5oSxCTl+BTLAspz/+ +bJVg2ngJAoGBAMQJzDPJ0OL33uh0p+iGuv8rhPPIn3mTkV8Ja/NlF/i9+Q26Q1kF +D6zfr41FhJlYRiiIXfXGR3NyUuYXO/xgv2cTzdl2IqXZaIROmfDebqseO0qkLI/o +hwjFVXRfDm1bii5MZ5JbulKYKkTlCuJM0gZWqktMAmNv43+N1QZ7/R27AoGBAPqD +umVX8j9E0r+5qlguemYpccVHCETH91KC6cMMmcIZVR24iD4FIVvyWtSdl08YKnKW +TrHMCk1HD1FGDeQ6G68vv4II5hsezyYkrpukobhWRooeFaXsJ3fqK9M9hoGSN6B+ +Jp1G0TFKnraKIf4DS5X8bWNzMYDmW2IaxWJLDnfvAoGBAK/Tic85R50KbGdZme+4 +R6ftxIVSf5ZvgIcY0DWxilqTKPnjAdyp6XFH/xBaNZ/DyMk55ew2NoeZFjlAxZCK +xaER5iMRDepqoI9qYC/lkKTxrIQ5064PBG4db5O8Xhg/biQwawSeOPMzf1XjiGuI +Myd0O7DlL484H3ecImB6fH9ZAoGADJF/UIZRCQuS5zuRaEssqON7acJej9TYe7NF +txtyu2I5+vu/Gh13xv0pwXEGnllAB++ykwkBm07tXc598+1WZjunCAcaRFIPYoKE +oBpqYq0xbMyFmYV3lXSSLk7v6KBFWi/6D/n1lNuBivbzLaNMr4Gym0K0QRtNimZ9 +cKkDWNECgYAA2BOnlTF9hD8KWQwoq3k2PqDsnF5MWuyrlePJM7Dd8HB/dlwneF3L +jMwstoFZquDXLURppqeEO1fiL3VjbugsmgIOnNBqwKoUx+8/KcjOWJW/3Z6w9Kr1 +enyt3NKFkhkzWo4+naEl1nj6Nel/2UyC1dfY0ZyBEaW2226jdlZSJQ== +-----END RSA PRIVATE KEY----- diff --git a/roles/web_server/tests/test_default.py b/roles/web_server/tests/test_default.py new file mode 100644 index 0000000000000000000000000000000000000000..e7601e24b0cb5d4182c4c10d1920b89d94851cb3 --- /dev/null +++ b/roles/web_server/tests/test_default.py @@ -0,0 +1,13 @@ +import testinfra.utils.ansible_runner + + +testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner( + '.molecule/ansible_inventory').get_hosts('all') + + +def test_hosts_file(File): + f = File('/etc/hosts') + + assert f.exists + assert f.user == 'root' + assert f.group == 'root'