Update ria-dev configuration to use cdoc2-keyserver.dev.riaint.ee server and a new certificate

Author: jann0k

cdoc2-cli/config/ria-dev/README.md

@@ -2,10 +2,10 @@
 This directory contains cdoc2-cli config for RIA-dev servers
 
 TLS (POST)
-https://cdoc2-keyserver-01.dev.riaint.ee:8443
+https://cdoc2-keyserver.dev.riaint.ee:8443
 
 mTLS (GET)
-https://cdoc2-keyserver-01.dev.riaint.ee:8444
+https://cdoc2-keyserver.dev.riaint.ee:8444
 
 ## Id-card
 Run from cdoc2-cli directory
@@ -26,11 +26,11 @@ Client certificate must be trusted by server
 
 ### Encrypt
 ```
-java -jar target/cdoc2-cli-*.jar create --server=config/ria-dev/ria-dev_pkcs12.properties -f /tmp/ria2.cdoc -p keys/cdoc2client_pub.pem README.md
+java -jar target/cdoc2-cli-*.jar create --server=config/ria-dev/ria-dev_pkcs12.properties -f /tmp/ria_p12.cdoc -p keys/cdoc2client_pub.pem README.md
 ```
 
 ### Decrypt
 
 ```
-java -jar target/cdoc2-cli-*.jar decrypt --server=config/ria-dev/ria-dev_pkcs12.properties -f /tmp/ria2.cdoc -k keys/cdoc2client.pem
+java -jar target/cdoc2-cli-*.jar decrypt --server=config/ria-dev/ria-dev_pkcs12.properties -p12 keys/cdoc2client.p12:passwd -f /tmp/ria_p12.cdoc -o /tmp
 ```

cdoc2-cli/config/ria-dev/cdoc2-keyserver-01.dev.riaint.ee.crt

@@ -0,0 +1 @@
+keytool -import -trustcacerts -file tls-issuer.crt.pem -alias klass3-ria_2018_ecc_g3 -storepass passwd -keystore clienttruststore_ria-dev.jks

cdoc2-cli/config/ria-dev/clienttruststore_ria-dev.jks

@@ -1,7 +1,7 @@
 # ria-dev, mutual TLS establishment with private key from id-cards (for reading key-capsule from the server)
 cdoc2.client.server.id=ria-dev
-cdoc2.client.server.base-url.post=https://cdoc2-keyserver-01.dev.riaint.ee:8443
-cdoc2.client.server.base-url.get=https://cdoc2-keyserver-01.dev.riaint.ee:8444
+cdoc2.client.server.base-url.post=https://cdoc2-keyserver.dev.riaint.ee:8443
+cdoc2.client.server.base-url.get=https://cdoc2-keyserver.dev.riaint.ee:8444
 
 # trusted certificates by client
 cdoc2.client.ssl.trust-store.type=JKS

cdoc2-cli/config/ria-dev/clienttruststore_ria-dev.jks.README

@@ -1,9 +1,12 @@
 # ria-dev, mutual TLS establishment with private key from PKCS12 store (for reading key-capsule from the server)
 # public key part of servers trusted certs. See cdoc2-server/cdoc2-server/keys/README.md
 cdoc2.client.server.id=ria-dev
-cdoc2.client.server.base-url.post=https://cdoc2-keyserver-01.dev.riaint.ee:8443
-cdoc2.client.server.base-url.get=https://cdoc2-keyserver-01.dev.riaint.ee:8444
+cdoc2.client.server.base-url.post=https://cdoc2-keyserver.dev.riaint.ee:8443
+cdoc2.client.server.base-url.get=https://cdoc2-keyserver.dev.riaint.ee:8444
 
+cdoc2.client.server.debug=true
+cdoc2.client.server.connect-timeout=1000
+cdoc2.client.server.read-timeout=1000
 
 # trusted certificates by client
 cdoc2.client.ssl.trust-store.type=JKS

cdoc2-cli/config/ria-dev/ria-dev.properties

@@ -0,0 +1,17 @@
+-----BEGIN CERTIFICATE-----
+MIICvTCCAmOgAwIBAgIIEwktMxn8tjIwCgYIKoZIzj0EAwQwcTELMAkGA1UEBhMC
+RUUxJTAjBgNVBAoMHEluZm9ybWF0aW9uIFN5c3RlbSBBdXRob3JpdHkxIDAeBgNV
+BAMMF1JJQSBST09UIENBIDIwMTggRUNDIEcyMRkwFwYJKoZIhvcNAQkBFgpwa2lA
+cmlhLmVlMB4XDTIwMDgxODEwMDU1M1oXDTM4MDkyMDIwNDIxOFowdjELMAkGA1UE
+BhMCRUUxJTAjBgNVBAoMHEluZm9ybWF0aW9uIFN5c3RlbSBBdXRob3JpdHkxHzAd
+BgNVBAsMFkNlcnRpZmljYXRpb24gU2VydmljZXMxHzAdBgNVBAMMFktMQVNTMy1S
+SUEgMjAxOCBFQ0MgRzMwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAT3VfEDD3qs
+NO5cTGmJHeUdgWKMVOKwFunKmUf5fx82waWthh/XgcZXBxg6wMpc05x/wsVjhEtz
+q4Ll6UeFwiJDo4HfMIHcMBIGA1UdEwEB/wQIMAYBAf8CAQAwHwYDVR0jBBgwFoAU
+UCFh01APe/+6Mb/XVsMuezIYCEIwdgYIKwYBBQUHAQEEajBoMEMGCCsGAQUFBzAC
+hjdodHRwOi8vd3d3LnJpYS5lZS9jZXJ0cy9SSUFfUk9PVF9DQV8yMDE4X0VDQ19H
+Mi5kZXIuY3J0MCEGCCsGAQUFBzABhhVodHRwOi8vb2NzcC5yaWEuZWUvQ0EwHQYD
+VR0OBBYEFFcaZmPOL66vUw4v7g888ZdZ3c7EMA4GA1UdDwEB/wQEAwIBxjAKBggq
+hkjOPQQDBANIADBFAiEAipQ0yy53GLNbYFuMyxSHBKmEchGxZojuxsV62rS7C/gC
+IF7PshKqti26zdo/0JuwYXIohUdiSpbIPTcZgU1Su9Wo
+-----END CERTIFICATE-----