MakersAll8
commented
1 year ago I was able to resolve this by adding the two lines in the imposter.ejs file.
"cert": "-----BEGIN CERTIFICATE-----<self signed certificate>-----END CERTIFICATE-----",
"key": "-----BEGIN RSA PRIVATE KEY-----<private key content>-----END RSA PRIVATE KEY-----",My cert and key were generated on a ubuntu image following the following steps
create a Dockerfile
FROM ubuntu:20.04
USER root
RUN apt update
RUN apt install openssh-server -y
WORKDIR /home/ubuntu/keyin host terminal build the image and tag it as generate_key
docker build -t generate_key --rm .spin up a container based on the image
docker run --rm -v $PWD/key:/home/ubuntu/key -it --entrypoint /bin/bash generate_keyrun the following command in the container CLI
export ROOT_CA_PASSWORD=$(echo $RANDOM | md5sum | head -c 30) && \
openssl genrsa -des3 -passout pass:$ROOT_CA_PASSWORD -out developmentCA.key 2048 && \
openssl req -x509 -new -nodes -key developmentCA.key -sha256 -days 825 -out developmentCA.crt \
-subj "/C=AU/ST=Victoria/L=Melbourne/O=CompanyName/OU=DepartmentName/CN=DevelopmentCA" \
-passin pass:$ROOT_CA_PASSWORD && \
openssl genrsa -out localhost.key 2048 && \
openssl req -new -sha256 -key localhost.key \
-subj "/C=AU/ST=Victoria/L=Melbourne/O=CompanyName/OU=DepartmentName/CN=localhost:2525" \
-addext "subjectAltName=DNS:localhost:2525" -out localhost.csr && openssl x509 \
-req -in localhost.csr -CA developmentCA.crt -extensions SAN \
-extfile <(cat /etc/ssl/openssl.cnf <(printf "\n[SAN]\nsubjectAltName=DNS:localhost:2525")) \
-CAkey developmentCA.key -CAcreateserial -out localhost.crt -days 825 -sha256 \
-passin pass:$ROOT_CA_PASSWORD && \
openssl x509 -in localhost.crt -text -nooutIn your key folder on host machine where you created the Dockerfile above, you should have a bunch of private keys, public keys, certificate signing request, etc. Only localhost.key and localhost.crt are of interests to us, the rest were created to eventually get the self-signed certificate localhost.crt.
Copy localhost.key into the key field in the imposters.ejs file, and localhost.crt into cert.
I would raise a PR to change the default key and cert values in moutebank, but would like to ask whether I should just set the -days value to a ridiculously large number like 3650 days to make the cert valid for 10 years?
bbyars
Expected behaviour
upgrading to node 18 image should not break my mock server
...
Actual behaviour
upgrading to node 18 image is causing the
httplibrary to throwee key too smallerror when thePUT /impostersrequest is trying to send stubs I defined in json files to moutebank server on port 2525 ...Steps to reproduce
pull node 18 image install mountebank create your
imposters.ejscreate your stubs json files runnpm start...Software versions used
I am raising the issue to provide a solution as I couldn't find a solution here and on Google.
The offending default keypair seems to be
mb-key.pemandmb-cert.pemaccording to the source code.