mirror of
https://github.com/drwetter/testssl.sh.git
synced 2025-01-20 23:49:30 +01:00
Merge pull request #1338 from drwetter/drwetter-dockerfiles1
Docker container for testing (generated by a script)
commit
35c69bee27
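--- /dev/null
+++ b/utils/docker-debian10.tls13only.start.sh
@@ -0,0 +1,31 @@
+
+# no early data, but TLS 1.3 with debian:buster (sid simlar in Feb 2019)
+
+image=${1:-"debian:buster"}
+docker pull "$image"
+ID=$(docker run -d -ti $image)
+
+docker exec -ti $ID apt-get update
+docker exec -ti $ID apt-get install -y ssl-cert dialog
+docker exec -ti $ID apt-get install -y nginx-common nginx-light
+docker exec -ti $ID cp /etc/nginx/sites-available/default /etc/nginx/sites-available/default.bak
+docker exec -ti $ID sed -i -e 's/# listen/listen/' -e 's/# include/include/' /etc/nginx/sites-available/default
+if echo "$0" | grep -q only; then
+docker exec -ti $ID sed -i -e 's/listen \[::\]:443 ssl default_server;/&\n\tssl_protocols TLSv1\.3;\n\tssl_ecdh_curve X448:X25519;/' /etc/nginx/sites-available/default
+else
+docker exec -ti $ID sed -i -e 's/listen \[::\]:443 ssl default_server;/&\n\tssl_protocols TLSv1\.2 TLSv1\.3;\n\tssl_ecdh_curve X448:X25519;/' /etc/nginx/sites-available/default
+fi
+
+s/listen \[::\]:443 ssl default_server;/&\n\tssl_protocols TLSv1.2 TLSv1.3;/\n\tssl_ecdh_curve X448:X25519;' /etc/nginx/sites-available/default
+
+docker exec -ti $ID nginx -V
+docker exec -ti $ID service nginx start
+docker exec -ti $ID service nginx status
+# P Q
+
+docker inspect $ID | jq -r '.[].NetworkSettings.IPAddress'
+
+exit 0
+
+
+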
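Review bot: Line 19 of the new file is a bare sed expression (`s/listen \[::\]:443 ssl default_server;/&... ' /etc/nginx/sites-available/default`) with no `docker exec -ti $ID sed -i -e '` in front of it, so the single quote near its end is unbalanced. Bash would pair that quote with the one opening the `jq` filter further down and then reach end of file inside a quoted string, so the script would abort with a syntax error after the `if`/`fi` block, before `nginx -V`, `service nginx start` and the IP lookup run. The line repeats what the `else` branch already applies and should simply be deleted. The TLS 1.3-only mode is also selected by any `only` in `$0`, directory components included, so a checkout path containing that substring would silently change which protocols the test server offers; matching the basename instead, `case "${0##*/}" in *tls13only*)`, avoids that.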
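--- /dev/null
+++ b/utils/docker-nginx.tls13-earlydata.start.sh
@@ -0,0 +1,55 @@
+#!/bin/bash
+
+image="rsnow/nginx"
+docker pull $image
+ID=$(docker run -d -ti $image)
+
+echo $ID
+
+docker exec -ti $ID nginx -V
+docker exec -ti $ID mkdir /etc/nginx/ssl
+HN=$(docker exec -ti $ID hostname| tr -d '\n' | tr -d '\r')
+
+cd /tmp
+cat >$ID.conf << EOF
+
+server {
+listen 443 ssl default_server;
+listen [::]:443 ssl default_server;
+server_name _;
+
+ssl_protocols TLSv1.2 TLSv1.3;
+ssl_early_data on;
+#
+ssl_certificate /etc/nginx/ssl/$HN.crt;
+ssl_certificate_key /etc/nginx/ssl/$HN.key;
+
+location / {
+root /usr/share/nginx/html;
+index index.html index.htm;
+}
+error_page 500 502 503 504 /50x.html;
+location = /50x.html {
+root /usr/share/nginx/html;
+}
+}
+EOF
+
+docker cp $ID.conf $ID:/etc/nginx/conf.d/443.conf
+
+C_ST_etc="C=DE/ST=Gotham/L=Nowhere/CN=${HN}"
+openssl req -subj "/${C_ST_etc}/CN=${HN}" -newkey rsa:4096 -keyout "$HN.key" -nodes -sha256 -out "$HN.req"
+openssl x509 -days 365 -in "$HN.req" -req -signkey "$HN.key" -out "$HN.crt"
+docker cp $HN.key $ID:/etc/nginx/ssl
+docker cp $HN.crt $ID:/etc/nginx/ssl
+
+docker exec -ti $ID nginx -s reload
+# docker start $ID
+
+# P Q
+docker inspect $ID | jq -r '.[].NetworkSettings.IPAddress'
+
+exit 0
+
+EOF
+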
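Review bot: After the unchecked `cd /tmp`, the script writes `$ID.conf`, `$HN.req`, `$HN.crt` and the unencrypted private key `$HN.key` (`-nodes`) into the shared temp directory, and nothing removes them once they are copied into the container. A private per-run directory with cleanup keeps key material out of a shared location: `workdir=$(mktemp -d) || exit 1`, `trap 'rm -rf -- "$workdir"' EXIT`, `cd "$workdir" || exit 1`. Separately, `C_ST_etc` already ends in `CN=${HN}` and the `-subj` argument appends `/CN=${HN}` again, so the request subject carries the CN twice. The `EOF` after `exit 0` looks like a leftover from the generating script and can be dropped.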