[THREESCALE-11412] Migrate to lua-resty-openssl

What

https://issues.redhat.com/browse/THREESCALE-11412

Verification steps

Checkout this branch

Build runtime-image

make runtime-image IMAGE_NAME=apicast-test

Move into development environment
```
cd dev-environments/upstream-tlsv1.3
```

Update apicast-config.json file as follow


diff --git a/dev-environments/https-proxy-upstream-tlsv1.3/apicast-config.json b/dev-environments/https-proxy-upstream-tlsv1.3/apicast-config.json 
index 5227c5aa..09fb1ab9 100644                                                                                                                    
--- a/dev-environments/https-proxy-upstream-tlsv1.3/apicast-config.json                                                                            
+++ b/dev-environments/https-proxy-upstream-tlsv1.3/apicast-config.json                                                                            
@@ -11,6 +11,15 @@                                                                                                                                 
       "host": "backend"                                                                                                                       
     },                                                                                                                                        
     "policy_chain": [

{
"name": "apicast.policy.upstream_mtls",
"configuration": {
"certificate": "/tmp/example.com.crt",
"certificate_type": "path",
"certificate_key": "/tmp/example.com.key",
"certificate_key_type": "path"
}
},
{
"name": "apicast.policy.http_proxy",
"configuration": {

Update docker-compose file as follow


diff --git a/dev-environments/upstream-tlsv1.3/docker-compose.yml b/dev-environments/upstream-tlsv1.3/docker-compose.yml
index 5daf958f..fc03f24b 100644
--- a/dev-environments/upstream-tlsv1.3/docker-compose.yml
+++ b/dev-environments/upstream-tlsv1.3/docker-compose.yml
@@ -23,15 +23,19 @@ services:
   - "8090:8090"
 volumes:
   - ./apicast-config.json:/tmp/config.json

- ./cert/example.com.crt:/tmp/example.com.crt
- ./cert/example.com.key:/tmp/example.com.key
- ./cert/rootCA.pem:/tmp/rootCA.pem example.com: image: alpine/socat:1.7.4.4 container_name: example.com
command: "-v openssl-listen:443,reuseaddr,fork,cert=/etc/pki/example.com.pem,verify=0,openssl-min-proto-version=TLS1.3,openssl-max-proto-version=TLS1.3 TCP:two.upstream:80"
command: "-v openssl-listen:443,reuseaddr,fork,cert=/etc/pki/example.com.pem,cafile=/etc/pki/rootCA.pem,verify=1,openssl-min-proto-version=TLS1.3,openssl-max-proto-version=TLS1.3 TCP:two.upstream:80" expose:
- "443" restart: unless-stopped volumes:
- ./cert/example.com.pem:/etc/pki/example.com.pem
- ./cert/rootCA.pem:/etc/pki/rootCA.pem two.upstream: image: kennethreitz/httpbin expose: (END)

* Start gateway

make certs make gateway IMAGE_NAME=apicast-test

* Send request

curl --resolve get.example.com:8080:127.0.0.1 -v "http://get.example.com:8080/?user_key=123"

You should see 200 OK

< HTTP/1.1 200 OK
< Server: openresty
< Date: Tue, 29 Oct 2024 03:59:19 GMT
< Content-Type: application/json
< Content-Length: 220
< Connection: keep-alive
< Access-Control-Allow-Origin: *
< Access-Control-Allow-Credentials: true

3scale / APIcast

[THREESCALE-11412] Migrate to lua-resty-openssl #1502

What

Verification steps