= SSL key / cert material

Execute in the project root

# Issue a certificate request
---
openssl req -config test-CA/openssl.cnf -new -nodes -sha256 -days 36500  \
 -subj '/O=Apache Software Foundation/OU=HttpComponents Project/CN=localhost/emailAddress=dev@hc.apache.org/' \
 -addext 'subjectAltName = DNS:localhost' \
 -keyout httpcore5-testing/src/test/resources/docker/server-key.pem \
 -out httpcore5-testing/src/test/resources/docker/server-certreq.pem
---
# Verify the request
---
openssl req -in httpcore5-testing/src/test/resources/docker/server-certreq.pem -text -noout
---
# Sign new certificate with the test CA key
---
openssl ca -config test-CA/openssl.cnf -days 36500 \
 -out httpcore5-testing/src/test/resources/docker/server-cert.pem \
 -in httpcore5-testing/src/test/resources/docker/server-certreq.pem \
 && rm httpcore5-testing/src/test/resources/docker/server-certreq.pem
---

# Export the certificate and the key into P12 store

---
openssl pkcs12 -export -out httpcore5-testing/src/test/resources/docker/server.p12 \
 -CAfile test-CA/ca-cert.pem \
 -in httpcore5-testing/src/test/resources/docker/server-cert.pem \
 -inkey httpcore5-testing/src/test/resources/docker/server-key.pem \
 -passin pass:nopassword -passout pass:nopassword
---

# Verify the P12 store

---
openssl pkcs12 -info -in httpcore5-testing/src/test/resources/docker/server.p12 \
 -passin pass:nopassword -passout pass:nopassword
---

---
keytool -list -keystore httpcore5-testing/src/test/resources/docker/server.p12 -storepass nopassword
---

# Create JKS store with the Test CA cert
---
keytool -import -trustcacerts -alias test-ca -file test-CA/ca-cert.pem -keystore httpcore5-testing/src/test/resources/test-ca.jks -storepass nopassword
---

= Running a local version of HttpBin

# Create container
---
docker container create -it --name test-httpbin -p 8080:80 kennethreitz/httpbin:latest
docker start test-httpbin
docker logs test-httpbin
---
# Trouble-shoot container
---
docker exec -it test-httpbin bash
---
# Delete container
---
docker rm --force test-httpbin
---