-
Notifications
You must be signed in to change notification settings - Fork 428
How to run Always Encrypted tests locally
lilgreenbird edited this page Oct 17, 2022
·
5 revisions
This wiki explains how to create the certificates that are necessary to run the Always Encrypted junit tests.
- Start Powershell
- Cd to Desktop (or anywhere that you would like to create a folder that holds the certificates).
- Run the below commands:
mkdir AE_Certificates
cd AE_Certificates
$certPass = "password"
$cert = New-SelfSignedCertificate -dns "AlwaysEncryptedCert" -CertStoreLocation Cert:CurrentUser\My
$pwd = ConvertTo-SecureString -String $certPass -Force -AsPlainText
$path = 'cert:\CurrentUser\My\' + $cert.thumbprint
$certificate = Export-PfxCertificate -cert $path -FilePath cert.pfx -Password $pwd
Get-ChildItem -path cert:\CurrentUser\My > certificate.txt
keytool -importkeystore -srckeystore cert.pfx -srcstoretype pkcs12 -destkeystore clientcert.jks -deststoretype pkcs12 -srcstorepass $certPass -deststorepass $certPass
keytool -list -v -keystore clientcert.jks -storepass $certPass > JavaKeyStoreBase.txt
Get-Content .\JavaKeyStoreBase.txt | Set-Content -Encoding utf8 JavaKeyStore.txt
Remove-Item –path .\JavaKeyStoreBase.txt
- Four files: cert.pfx, certificate.txt, clientcert.jks, and JavaKeyStore.txt should have been created inside AE_Certificates folder.
- Copy those four files over to <your_cloned_branch_folder_directory>/target/test-classes/. (the target folder should be created when you compile the project. The target folder is on the same level as the src folder)
- Start command line.
- Cd to Desktop (or anywhere that you would like to create a folder that holds the certificates).
- Run the below commands:
mkdir AE_Certificates
cd AE_Certificates
openssl req -newkey rsa:2048 -x509 -keyout cakey.pem -out cacert.pem -days 3650 -subj "/C=US/ST=WA/L=Redmond/O=Microsoft Corporation/OU=SQL Server/CN=JDBC Driver" -nodes
openssl pkcs12 -export -in cacert.pem -inkey cakey.pem -out identity.p12 -password pass:password
keytool -importkeystore -destkeystore clientcert.jks -deststorepass password -srckeystore identity.p12 -srcstoretype PKCS12 -srcstorepass password
keytool -list -v -keystore clientcert.jks -storepass "password" > JavaKeyStore.txt
- Four files: cert.pfx, certificate.txt, clientcert.jks, and JavaKeyStore.txt should have been created inside AE_Certificates folder.
- Copy those four files over to <your_cloned_branch_folder_directory>/target/test-classes/. (the target folder should be created when you compile the project. The target folder is on the same level as the src folder)