Update cert names for QA-connector, SC-2670

eidas-qa-connector/overlay/opt/eidas-connector/credentials/sc-qa-md-signer.crt

@@ -0,0 +1,30 @@
+-----BEGIN CERTIFICATE-----
+MIIFIjCCAwoCCQCVO3v9xSA+FDANBgkqhkiG9w0BAQsFADBTMQswCQYDVQQGEwJT
+RTEnMCUGA1UECgweU3dlZGlzaCBFLWlkZW50aWZpY2F0aW9uIEJvYXJkMRswGQYD
+VQQDDBJRQSBNZXRhZGF0YSBTaWduZXIwHhcNMTcxMjE5MTIyMDI1WhcNMjcxMjE3
+MTIyMDI1WjBTMQswCQYDVQQGEwJTRTEnMCUGA1UECgweU3dlZGlzaCBFLWlkZW50
+aWZpY2F0aW9uIEJvYXJkMRswGQYDVQQDDBJRQSBNZXRhZGF0YSBTaWduZXIwggIi
+MA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDYzcmlNTMkBzIYUXxT13zNMakh
+xR9BO1Qnlt2euUNdvL8FhgiNo+2AJDxFWts8nsg9Jam15F38nTqRMt4r1zFHYFJ5
+22h8urckpwvFVu/kjQrY8pztLE/pPvGXLPlySDkiRifCGibXuACngZx5chCwNs2h
+2OoMgKH7d5aZmUcB2mIc/Ybd98W9jtch1gh5/QM0aJsYnDTYuB840YGwHXCyiBUf
+1teUT9bJ/Y90OSXBdib9kuOmtQNMTYtyX8FAodYXVx8ibXNDfhdGaBJh+2J4lFTA
+DQQ1tM1YigZyvBuslBcuLDfZce0OaWPYPAf8PE8voxJhGkA026GGNjXP/9nRK146
+bkN4nd/Aa6842aYEOjjcDAl43tjHKZBu0+pnq/2GRiN7Dw4Y+Td/2y8PqD/W87CV
+ttrU6yniSMr7Y1+TfzzESSVPXs+csyatH9MJ2IA184Oh7TL6tPh5N96ugh7s85pN
+zswG+Gouw1BVCfqpSJmmNMheEOr6igOYQ0LY5aOooLoqET9gu0ks9cixjANFhnhE
+vRVkMfbnFVAnvXQEWPQY5NgqO4b0Z65ey011L+slNo6EIiw0FkznAwER0aYzrM2r
+hs/hJAAbjnxEhgMKN9bdoXpnrAehwbTOTipOWwrdcd3IKNdDEyFY15j5rGgyIBcK
+8gNnvGJLKcaC4vBd1QIDAQABMA0GCSqGSIb3DQEBCwUAA4ICAQBuws48HrfwW/Eq
+WN4+VSZ1cMgkp/mgqyyDdXoCPUf5o7ro17oDSocmpdQypiCr6M88MACBX8cqKmie
+kIyptrzp1x2seo8rTJpno97dt3hSwbe6+SbRh2bjDpDzL2ecrtv/GXjR41b2CbMO
+wu4WTgiFhWmKGNDNcEem37VUpKEYe7u/ucie71AQi49jM0rJ5uSVdBONKj3iAH5d
+mckw2nt6HKMJ0S+ckM/aq+m8ACgAyYmMr74Yt6wcpl/NORtIxaGUeT7Z8rN7TUmk
+gP9scbYF16xJJkxtylnK2BrSwSFOIuB5KJo2xxhuMffxEgdy4711TfwMCUaTPKmF
+dlYzPKeBaYzWFU42jcVsiQz4mSqgvS2dS8nZpYe2K0zHIzKwytn+HQ36KhRRDAVR
+7aKH9S8FZJXC6wqXFdEwwZujkGhu/BxgfjGkde8qOQMUwHboX9+aflQ9okB1Tha6
+xVB1kG86WdgJLmrsfqaX1FVyO761ZXYHTuoAZ0iuzIRhteUksfRZchnKpUX0fF1i
+yB9M0E6JfqvFeVfLlo8c2FI4MUYFWgqciizaXSfw0waMFdX5+U33eXr1RWF0POZX
+JERf83JkjVLanESP9/U9nsZYgIiSX88PahYtuSZLhqamzzFvK+wuVcNKark8s1kS
+2d8EIOY6h4jmS2ds9ORaavkV/xxTAA==
+-----END CERTIFICATE-----

eidas-qa-connector/overlay/opt/eidas-connector/credentials/test-metadata.crt

@@ -1,15 +0,0 @@
------BEGIN CERTIFICATE-----
-MIICyzCCAbMCBgFEwQFDRDANBgkqhkiG9w0BAQUFADApMScwJQYDVQQDDB5Td2VkaXNoIEUtaWRl
-bnRpZmljYXRpb24gYm9hcmQwHhcNMTQwMzE0MTIzMTI5WhcNMTkwMzE0MTQzMTI5WjApMScwJQYD
-VQQDDB5Td2VkaXNoIEUtaWRlbnRpZmljYXRpb24gYm9hcmQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
-DwAwggEKAoIBAQCGxrPbCuZYeMZniwOAIO1MiQjGD3LIfaLBddNucsAVrxpYW7bYMwzvgL2Gp4yV
-6IyAx5kUgHPjEkEEIjH+NhxYdChD8iWBkLuaOkxyYNXFjFQ3APk5kqP+BB+fP8peWlKGX6S2mfcB
-7eObDQqb28osfXE+bak4X2rNf5i+Yx9VdXBpRhDxk7umDdWTSJlc+ZCxWUt3ldc58/sXIgAzVWk4
-9A3GIvOHlBVgm/5g3yzU9HnxD1fyOKT+NkF5J9mjM0x8Qg9K/Zep3n1xmb8kZ/vcRxv+AounGDd7
-w/QWW84sPegySHqm5GkLSgwB63nJZr5wS+qoT9sTooCM0AhBhY1FAgMBAAEwDQYJKoZIhvcNAQEF
-BQADggEBAESqy6GrAEbL/blJQxDb/LCCW4y3KAAs/pqvR4SQMP0rvVe5FJiUJsE/6DEhk+cl0N+o
-5e8/NusIUD7f6vKSYTHgCodSeDYGdrkRrOucDBWgIlYVsR3yTb/za3AlgiTW6eGGqiY6SeEzXNTM
-5o0GpoZbknQZEK/xCJLtMAU6oX7pDBLahtYeJAJJNFVjtPKsERr2Ob2ni9XW8+fxyjv0v2gmlQvW
-i6VnpD6VJ3nwAFDsGHBgzli32YBd62rukqyiqvC595LNg0Dg4fyv1ZuOiqajWSd3x8JI6bS01QvY
-3fNKY84wMQXpRq9C3zRtpPKmh22W6mcQvh1uN3qNaIEEklE=
------END CERTIFICATE-----

global/overlay/etc/puppet/modules/eid/templates/connector/application-qa.yml.erb

@@ -10,10 +10,10 @@ spring:
           keystore:
             certificate: file:/etc/ssl/certs/<%= @server_fqdn %>_infra.crt
             private-key: file:/etc/ssl/private/<%= @server_fqdn %>_infra.key
+<% if @session_backend == 'redis' -%>
         sunet-tls-trust:
           truststore:
             certificate: file:/etc/ssl/certs/infra.crt
-<% if @session_backend == 'redis' -%>
           keystore:
             certificate: file:/etc/ssl/certs/<%= @server_fqdn %>_infra.crt
             private-key: file:/etc/ssl/private/<%= @server_fqdn %>_infra.key
@@ -63,12 +63,12 @@ credential:
     pem:
       connector-sign:
         name: "Connector Signing Credential"
-        certificates: file:${CONNECTOR_DIRECTORY}/credentials/metadata.crt
+        certificates: file:${CONNECTOR_DIRECTORY}/credentials/connector-qa-sign.crt
-        private-key: file:${CONNECTOR_DIRECTORY}/credentials/metadata.key
+        private-key: file:${CONNECTOR_DIRECTORY}/credentials/connector-qa-sign.key
       connector-encrypt:
         name: "Connector Encryption Credential"
-        certificates: file:${CONNECTOR_DIRECTORY}/credentials/connector.crt
+        certificates: file:${CONNECTOR_DIRECTORY}/credentials/connector-qa-enc.crt
-        private-key: file:${CONNECTOR_DIRECTORY}/credentials/connector.key
+        private-key: file:${CONNECTOR_DIRECTORY}/credentials/connector-qa-enc.key
     monitoring:
       enabled: true
       test-interval: 10m
@@ -80,7 +80,7 @@ connector:
   backup-directory: ${CONNECTOR_DIRECTORY}/backup
   eu-metadata:
     location: https://<%= @environment %>.md.eidas.swedenconnect.se/role/idp.xml
-    validation-certificate: file:${CONNECTOR_DIRECTORY}/credentials/metadata.crt
+    validation-certificate: file:${CONNECTOR_DIRECTORY}/credentials/sc-qa-md-signer.crt
   prid:
     policy-resource: file:${CONNECTOR_DIRECTORY}/prid/policy.properties
   idp:
@@ -115,7 +115,7 @@ saml:
     metadata-providers:
       - location: https://<%= @environment %>.md.swedenconnect.se/role/sp.xml
         backup-location: ${connector.backup-directory}/metadata/sc-cache.xml
-        validation-certificate: file:${CONNECTOR_DIRECTORY}/credentials/metadata.crt
+        validation-certificate: file:${CONNECTOR_DIRECTORY}/credentials/sc-qa-md-signer.crt
     credentials:
       # Use same as for IdP except for the metadata signing credential
       sign: