test: replace self-hosted certificates

.github/actions/setup-notary/action.yaml

@@ -16,7 +16,7 @@ runs:
       shell: bash
     - name: Trust root cert of notary instance
       run: |
-        sudo cp ./test/integration/self-hosted-notary/notary-service-container/server/ca.crt /usr/local/share/ca-certificates/notary_root_ca.crt
+        sudo cp ./test/integration/self-hosted-notary/notary-service-container/server/notary.crt /usr/local/share/ca-certificates/notary_root_ca.crt
         sudo update-ca-certificates
       shell: bash
     - name: Append notary ip to /etc/hosts

test/integration/self-hosted-notary/Dockerfile.populate_notary

@@ -5,7 +5,7 @@ COPY notary-service-container/ test/integration/self-hosted-notary/notary-servic
 RUN apt update &&\
     apt upgrade -y && \
     apt install -y docker notary expect ca-certificates && \
-    cp ./test/integration/self-hosted-notary/notary-service-container/server/ca.crt /usr/local/share/ca-certificates/notary_root_ca.crt && \
+    cp ./test/integration/self-hosted-notary/notary-service-container/server/notary.crt /usr/local/share/ca-certificates/notary_root_ca.crt && \
     update-ca-certificates
 
 ARG DIGEST

test/integration/self-hosted-notary/install.yaml

@@ -32,27 +32,24 @@ application:
       - name: default
         key: self_hosted_notary_root_key.pub
     # CA cert signing the cert of the self-hosted notary
-    # (test/integration/notary_service_container/certs/root/ca.crt)
+    # (test/integration/notary_service_container/server/notary.crt)
     cert: |
       -----BEGIN CERTIFICATE-----
-      MIIDEzCCAfugAwIBAgIUDDvwp5mG7ckbcvJ0jg9he/rSGzAwDQYJKoZIhvcNAQEL
-      BQAwGTEXMBUGA1UEAwwOTm90YXJ5IFJvb3QgQ0EwHhcNMjMxMTIyMjIwOTM5WhcN
-      MjQxMTIxMjIwOTM5WjAZMRcwFQYDVQQDDA5Ob3RhcnkgUm9vdCBDQTCCASIwDQYJ
-      KoZIhvcNAQEBBQADggEPADCCAQoCggEBAO6IjUiNqWDrwO1Yn/Yfc5hSUdH3ZZ1i
-      SzbsYL4ZL3ZN/rXv8rS3JBeNpbcRs85lYIjC8prCh9tJ6FjnMqUVI5pGz9XZPLNO
-      hQA4eW4Z5lHDd1oWCT1Y66zwUYSD59xUzGWCZ5OhZlKanu8OfdGDyoPJxKYmhZQz
-      Vnnh1chZC5eBBzObufWO47aMg4rX7ZLCER/HxLHfSnCVMVwOa3KBHDK3yWy+y86y
-      7/0bl5iW/bR8OZ/cjH4eEN9QdbAYBsavEsJ6wxBDgdweUH+7fQfORn5/IJtqwGha
-      FAyfeTwRI8/8tA4J1U08/p8oIopbzcGTg1LjPHQ8s8RTtknzg+jTrWkCAwEAAaNT
-      MFEwHQYDVR0OBBYEFKkx59QcInNCTOluvzHt3frciFqtMB8GA1UdIwQYMBaAFKkx
-      59QcInNCTOluvzHt3frciFqtMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQEL
-      BQADggEBAKyPiDT0PXTHzpC7sLq7s2pUe3ezqg51m4NTgynO3u+vYftTCMVDIV0P
-      H7ZJNyHHYvglaLjRnsWdjGs4tcqjIYCRL8Tnc/CVorI0QGGwDDlvWXNXleAxjV3t
-      t5hy7t5JpnNgF2GYNnSeuYG21rDDcP9EQZKv1a2KaKcgFRtzktlegRX0kGjDxbYe
-      0jo5j4oJZ944W79GqcQLeRpOU8PnbSaBtRPSeX1VhzpkR3pQy5FgBikQkvRP/dJw
-      H5Ck1P7fRzDnlv4cypSk6v9PWSQMrSYlyp1a40b9U1bIF2cQ+HVDwUg+56OPAey6
-      wBELObfROXagGdjRP+OQJUJgFHS3Uss=
+      MIICDzCCAZWgAwIBAgIUK6opKzStr7qjcHx40VGw4bprm/IwCgYIKoZIzj0EAwIw
+      GDEWMBQGA1UEAwwNbm90YXJ5LnNlcnZlcjAeFw0yNDExMjIwOTIwMDNaFw0zNDEx
+      MjAwOTIwMDNaMBgxFjAUBgNVBAMMDW5vdGFyeS5zZXJ2ZXIwdjAQBgcqhkjOPQIB
+      BgUrgQQAIgNiAAT0Nn7WJQUykFnPT12RtldK9ruKhd75uttXV6JwVfV0AtHnPHx/
+      KH7VzA/nyoXCPGvod5RCX6Idb0LcFq7+/gFlM4tFscmCS53VAuhs1/NhLnEE+sAn
+      bPqDw1BuReMghAejgZ8wgZwwHQYDVR0OBBYEFH5CMJZfe2/ETr2PWIHB76vYshys
+      MB8GA1UdIwQYMBaAFH5CMJZfe2/ETr2PWIHB76vYshysMA8GA1UdEwEB/wQFMAMB
+      Af8wSQYDVR0RBEIwQIINbm90YXJ5LnNlcnZlcoIPKi5ub3Rhcnkuc2VydmVygg1u
+      b3Rhcnkuc2lnbmVygg8qLm5vdGFyeS5zaWduZXIwCgYIKoZIzj0EAwIDaAAwZQIx
+      ALoqIiOjUxbrmHMcJY4awMbVrbu2AXmfcrcbaRuKAHHe1v92Xlc8vo1Bvo5BwOzb
+      cwIwQbAe7FfQKykKWCN6Vs4GfzQVWtQjN0WoMW5L4KgDREjseuU2bRMojWViuBih
+      vvNj
       -----END CERTIFICATE-----
+
+
   policy:
   - pattern: "*:*"
     validator: dockerhub-basics

test/integration/self-hosted-notary/notary-service-container/client_config.json

@@ -1,6 +1,6 @@
 {
     "remote_server": {
         "url": "https://notary.server:4443",
-        "root_ca": "./server/ca.crt"
+        "root_ca": "./server/notary.crt"
     }
 }

test/integration/self-hosted-notary/notary-service-container/server/config.json

@@ -1,17 +1,17 @@
 {
     "server": {
         "http_addr": ":4443",
-        "tls_key_file": "./notary-server.key",
-        "tls_cert_file": "./notary-server.crt"
+        "tls_key_file": "./notary.key",
+        "tls_cert_file": "./notary.crt"
     },
     "trust_service": {
         "type": "remote",
         "hostname": "notary.signer",
         "port": "7899",
-        "tls_ca_file": "./ca.crt",
+        "tls_ca_file": "./notary.crt",
         "key_algorithm": "ecdsa",
-        "tls_client_cert": "./notary-server.crt",
-        "tls_client_key": "./notary-server.key"
+        "tls_client_cert": "./notary.crt",
+        "tls_client_key": "./notary.key"
     },
     "storage": {
         "backend": "memory"

test/integration/self-hosted-notary/notary-service-container/server/notary.crt

@@ -0,0 +1,14 @@
+-----BEGIN CERTIFICATE-----
+MIICDzCCAZWgAwIBAgIUK6opKzStr7qjcHx40VGw4bprm/IwCgYIKoZIzj0EAwIw
+GDEWMBQGA1UEAwwNbm90YXJ5LnNlcnZlcjAeFw0yNDExMjIwOTIwMDNaFw0zNDEx
+MjAwOTIwMDNaMBgxFjAUBgNVBAMMDW5vdGFyeS5zZXJ2ZXIwdjAQBgcqhkjOPQIB
+BgUrgQQAIgNiAAT0Nn7WJQUykFnPT12RtldK9ruKhd75uttXV6JwVfV0AtHnPHx/
+KH7VzA/nyoXCPGvod5RCX6Idb0LcFq7+/gFlM4tFscmCS53VAuhs1/NhLnEE+sAn
+bPqDw1BuReMghAejgZ8wgZwwHQYDVR0OBBYEFH5CMJZfe2/ETr2PWIHB76vYshys
+MB8GA1UdIwQYMBaAFH5CMJZfe2/ETr2PWIHB76vYshysMA8GA1UdEwEB/wQFMAMB
+Af8wSQYDVR0RBEIwQIINbm90YXJ5LnNlcnZlcoIPKi5ub3Rhcnkuc2VydmVygg1u
+b3Rhcnkuc2lnbmVygg8qLm5vdGFyeS5zaWduZXIwCgYIKoZIzj0EAwIDaAAwZQIx
+ALoqIiOjUxbrmHMcJY4awMbVrbu2AXmfcrcbaRuKAHHe1v92Xlc8vo1Bvo5BwOzb
+cwIwQbAe7FfQKykKWCN6Vs4GfzQVWtQjN0WoMW5L4KgDREjseuU2bRMojWViuBih
+vvNj
+-----END CERTIFICATE-----

test/integration/self-hosted-notary/notary-service-container/server/notary.key

@@ -0,0 +1,6 @@
+-----BEGIN PRIVATE KEY-----
+MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDBiy79dS7NewsD9G+dB
+mJDEWIhpqa9mjxeMBfdaD8kPJJ9qk6Go5CDFoXlCKdaL7J2hZANiAAT0Nn7WJQUy
+kFnPT12RtldK9ruKhd75uttXV6JwVfV0AtHnPHx/KH7VzA/nyoXCPGvod5RCX6Id
+b0LcFq7+/gFlM4tFscmCS53VAuhs1/NhLnEE+sAnbPqDw1BuReMghAc=
+-----END PRIVATE KEY-----

test/integration/self-hosted-notary/notary-service-container/signer/config.json

@@ -1,9 +1,9 @@
 {
     "server": {
         "grpc_addr": ":7899",
-        "tls_cert_file": "./notary-signer.crt",
-        "tls_key_file": "./notary-signer.key",
-        "client_ca_file": "./ca.crt"
+        "tls_cert_file": "./notary.crt",
+        "tls_key_file": "./notary.key",
+        "client_ca_file": "./notary.crt"
     },
     "storage": {
         "backend": "memory"

test/integration/self-hosted-notary/notary-service-container/signer/notary.crt

@@ -0,0 +1,14 @@
+-----BEGIN CERTIFICATE-----
+MIICDzCCAZWgAwIBAgIUK6opKzStr7qjcHx40VGw4bprm/IwCgYIKoZIzj0EAwIw
+GDEWMBQGA1UEAwwNbm90YXJ5LnNlcnZlcjAeFw0yNDExMjIwOTIwMDNaFw0zNDEx
+MjAwOTIwMDNaMBgxFjAUBgNVBAMMDW5vdGFyeS5zZXJ2ZXIwdjAQBgcqhkjOPQIB
+BgUrgQQAIgNiAAT0Nn7WJQUykFnPT12RtldK9ruKhd75uttXV6JwVfV0AtHnPHx/
+KH7VzA/nyoXCPGvod5RCX6Idb0LcFq7+/gFlM4tFscmCS53VAuhs1/NhLnEE+sAn
+bPqDw1BuReMghAejgZ8wgZwwHQYDVR0OBBYEFH5CMJZfe2/ETr2PWIHB76vYshys
+MB8GA1UdIwQYMBaAFH5CMJZfe2/ETr2PWIHB76vYshysMA8GA1UdEwEB/wQFMAMB
+Af8wSQYDVR0RBEIwQIINbm90YXJ5LnNlcnZlcoIPKi5ub3Rhcnkuc2VydmVygg1u
+b3Rhcnkuc2lnbmVygg8qLm5vdGFyeS5zaWduZXIwCgYIKoZIzj0EAwIDaAAwZQIx
+ALoqIiOjUxbrmHMcJY4awMbVrbu2AXmfcrcbaRuKAHHe1v92Xlc8vo1Bvo5BwOzb
+cwIwQbAe7FfQKykKWCN6Vs4GfzQVWtQjN0WoMW5L4KgDREjseuU2bRMojWViuBih
+vvNj
+-----END CERTIFICATE-----

test/integration/self-hosted-notary/notary-service-container/signer/notary.key

@@ -0,0 +1,6 @@
+-----BEGIN PRIVATE KEY-----
+MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDBiy79dS7NewsD9G+dB
+mJDEWIhpqa9mjxeMBfdaD8kPJJ9qk6Go5CDFoXlCKdaL7J2hZANiAAT0Nn7WJQUy
+kFnPT12RtldK9ruKhd75uttXV6JwVfV0AtHnPHx/KH7VzA/nyoXCPGvod5RCX6Id
+b0LcFq7+/gFlM4tFscmCS53VAuhs1/NhLnEE+sAnbPqDw1BuReMghAc=
+-----END PRIVATE KEY-----