chore: [DevOps] bump the test group across 1 directory with 3 updates (#1043)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Alexander Dümont <alexander.duemont@sap.com>

Author: dependabot[bot]

cloudplatform/connectivity-apache-httpclient5/src/test/java/com/sap/cloud/sdk/cloudplatform/connectivity/ClientCertificateAuthenticationLocalTest.java

@@ -37,9 +37,14 @@
 
 class ClientCertificateAuthenticationLocalTest
 {
-    private static final String CCA_PASSWORD = "cca-password";
-    private static final String JKS_PATH =
-        "src/test/resources/" + ClientCertificateAuthenticationLocalTest.class.getSimpleName() + "/client-cert.pkcs12";
+    private static final String JKS_PREFIX =
+        "src/test/resources/" + ClientCertificateAuthenticationLocalTest.class.getSimpleName();
+    private static final String SERVER_TRUST_STORE = JKS_PREFIX + "/certs/truststore.jks";
+    private static final String SERVER_TRUST_STORE_PASS = "changeit";
+    private static final String SERVER_KEY_STORE = JKS_PREFIX + "/certs/server.jks";
+    private static final String SERVER_KEY_STORE_PASS = "changeit";
+    private static final String CLIENT_KEY_STORE = JKS_PREFIX + "/certs/client1.p12";
+    private static final String CLIENT_KEY_STORE_PASS = "changeit";
 
     @RegisterExtension
     static final WireMockExtension server =
@@ -71,7 +76,7 @@ void testClientCorrectlyConfigured()
                     .authenticationType(AuthenticationType.CLIENT_CERTIFICATE_AUTHENTICATION)
                     .proxyType(ProxyType.INTERNET)
                     .keyStore(getClientKeyStore())
-                    .keyStorePassword(CCA_PASSWORD)
+                    .keyStorePassword(CLIENT_KEY_STORE_PASS)
                     .trustAllCertificates()
                     .build());
 
@@ -82,7 +87,7 @@ void testClientCorrectlyConfigured()
 
         assertThat(context.getUserToken()).isNotNull();
         assertThat(context.getUserToken()).isInstanceOf(X500Principal.class);
-        assertThat(((X500Principal) context.getUserToken()).getName()).contains("CN=localhost");
+        assertThat(((X500Principal) context.getUserToken()).getName()).contains("CN=client1");
 
         // assert keystore methods have been used
         Mockito.verify(destination).getKeyStorePassword();
@@ -122,8 +127,11 @@ private static WireMockConfiguration buildWireMockConfiguration()
             .httpDisabled(true)
             .dynamicHttpsPort()
             .needClientAuth(true)
-            .trustStorePath(JKS_PATH)
-            .trustStorePassword(CCA_PASSWORD)
+            .keystorePath(SERVER_KEY_STORE)
+            .keystorePassword(SERVER_KEY_STORE_PASS)
+            .keyManagerPassword(SERVER_KEY_STORE_PASS)
+            .trustStorePath(SERVER_TRUST_STORE)
+            .trustStorePassword(SERVER_TRUST_STORE_PASS)
             .trustStoreType("JKS");
     }
 
@@ -134,7 +142,7 @@ private static KeyStore getClientKeyStore()
             NoSuchAlgorithmException
     {
         final KeyStore keyStore = KeyStore.getInstance("PKCS12");
-        keyStore.load(new FileInputStream(JKS_PATH), CCA_PASSWORD.toCharArray());
+        keyStore.load(new FileInputStream(CLIENT_KEY_STORE), CLIENT_KEY_STORE_PASS.toCharArray());
         return keyStore;
     }
 }

cloudplatform/connectivity-apache-httpclient5/src/test/resources/ClientCertificateAuthenticationLocalTest/README.md

@@ -5,18 +5,112 @@ The credential files are generated from command line. This process can be automa
 
 ## CREATE CLIENT CREDENTIALS
 
-* Generate key pair
-  ```bash
-  openssl req -x509 -newkey rsa:2048 -utf8 -days 3650 -nodes -config client-cert.conf -keyout client-cert.key -out client-cert.crt
+* Client keystore
   ```
+  docker run --rm -v $(pwd)/certs:/certs eclipse-temurin:17-jre \
+   keytool -genkeypair \
+   -alias client1 \
+   -keyalg RSA \
+   -keysize 2048 \
+   -validity 3650 \
+   -storetype JKS \
+   -keystore /certs/client1.jks \
+   -storepass changeit \
+   -keypass changeit \
+   -dname "CN=client1"
+  ```
+
+  <details><summary>(Windows)</summary>
 
-* Generate _PKCS#12_ keystore
-  ```bash
-  openssl pkcs12 -export -inkey client-cert.key -in client-cert.crt -out client-cert.p12 -password "pass:cca-password"
+  ```
+  docker run --rm -v ${pwd}/certs:/certs eclipse-temurin:17-jre keytool -genkeypair -alias client1 -keyalg RSA -keysize 2048 -validity 3650 -storetype JKS -keystore /certs/client1.jks -storepass changeit -keypass changeit -dname "CN=client1"
   ```
 
-* Transform to JKS
+  </details>
+
+* Export client certificate
+  ```
+  docker run --rm -v $(pwd)/certs:/certs eclipse-temurin:17-jre \
+   keytool -exportcert \
+   -alias client1 \
+   -keystore /certs/client1.jks \
+   -storepass changeit \
+   -file /certs/client1.cer
+   ```
+
+  <details><summary>(Windows)</summary>
+
+  ```
+  docker run --rm -v ${pwd}/certs:/certs eclipse-temurin:17-jre keytool -exportcert -alias client1 -keystore /certs/client1.jks -storepass changeit -file /certs/client1.cer
+  ```
 
-  ```bash
-  keytool -importkeystore -deststorepass "cca-password" -destkeypass "cca-password" -srckeystore client-cert.p12 -srcstorepass "cca-password" -deststoretype pkcs12 -destkeystore client-cert.pkcs12
+  </details>
+
+* PKCS12 keystore for client
+
+  ```
+  docker run --rm -v $(pwd)/certs:/certs eclipse-temurin:17-jre \
+   keytool -importkeystore \
+   -srckeystore /certs/client1.jks \
+   -srcstoretype JKS \
+   -srcstorepass changeit \
+   -destkeystore /certs/client1.p12 \
+   -deststoretype PKCS12 \
+   -deststorepass changeit \
+   -destkeypass changeit
   ```
+
+  <details><summary>(Windows)</summary>
+
+  ```
+  docker run --rm -v ${pwd}/certs:/certs eclipse-temurin:17-jre keytool -importkeystore -srckeystore /certs/client1.jks -srcstoretype JKS -srcstorepass changeit -destkeystore /certs/client1.p12 -deststoretype PKCS12 -deststorepass changeit -destkeypass changeit
+  ```
+  
+  </details>
+
+
+## CREATE SERVER CREDENTIALS
+
+* Server keystore. Run once
+  ```
+  docker run --rm -v $(pwd)/certs:/certs eclipse-temurin:17-jre \
+   keytool -genkeypair \
+   -alias wiremock-server \
+   -keyalg RSA \
+   -keysize 2048 \
+   -validity 3650 \
+   -storetype JKS \
+   -keystore /certs/server.jks \
+   -storepass changeit \
+   -keypass changeit \
+   -dname "CN=localhost" \
+   -ext SAN=dns:localhost,ip:127.0.0.1
+   ```
+
+  <details><summary>(Windows)</summary>
+  
+  ```
+  docker run --rm -v ${pwd}/certs:/certs eclipse-temurin:17-jre keytool -genkeypair -alias wiremock-server -keyalg RSA -keysize 2048 -validity 3650 -storetype JKS -keystore /certs/server.jks -storepass changeit -keypass changeit -dname "CN=localhost" -ext SAN=dns:localhost,ip:127.0.0.1
+  ```
+  
+  </details>
+
+* Truststore for wiremock
+
+  ```
+  docker run --rm -v $(pwd)/certs:/certs eclipse-temurin:17-jre \
+   keytool -importcert \
+   -alias client1 \
+   -file /certs/client1.cer \
+   -keystore /certs/truststore.jks \
+   -storepass changeit \
+   -noprompt
+  ```
+
+  <details><summary>(Windows)</summary>
+
+  ```
+  docker run --rm -v ${pwd}/certs:/certs eclipse-temurin:17-jre keytool -importcert -alias client1 -file /certs/client1.cer -keystore /certs/truststore.jks -storepass changeit -noprompt
+  ```
+  
+  </details>