bug 1069945: generate certs for the tests in one place

and doc how to install signing certificate from an external CA

Change-Id: I92feb8eaeea617211ee7132480ac7a63bf0a1bf1

16 files changed, 17 insertions, 211 deletions

diff --git a/tests/signing/Makefile b/tests/signing/Makefile
deleted file mode 100644
index b56c0008..00000000
--- a/tests/signing/Makefile
+++ /dev/null
@@ -1,34 +0,0 @@
-# vim: tabstop=4 shiftwidth=4 softtabstop=4
-
-# Copyright 2012 Red Hat,. Inc
-
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-#      http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-
-
-
-.SUFFIXES:  .json .pem
-
-SOURCES=auth_token_unscoped.json auth_token_scoped.json revocation_list.json
-SIGNED=$(SOURCES:.json=.pem)
-TARGETS=$(SIGNED)
-
-all: $(TARGETS)
-clean:
-	rm -f $(TARGETS) *~
-
-.json.pem :
-	openssl cms  -sign -in $<  -nosmimecap  -signer signing_cert.pem -inkey private_key.pem -outform PEM -nodetach -nocerts  -noattr -out $@
-
-
-
diff --git a/tests/signing/README b/tests/signing/README
deleted file mode 100644
index c8e5eae4..00000000
--- a/tests/signing/README
+++ /dev/null
@@ -1,11 +0,0 @@
-The commands to create the various pem files for the signed tokens and
-revocation list were generated by the associated make file.
-
-The hashed value in the revocation list was generated using the revoked token using
-the following python code
-
-from keystone.common import cms,utils
-f=open("tests/signing/auth_token_revoked.pem","r")
-r=f.read()
-utils.hash_signed_token(cms.cms_to_token(r))
-f.close()
diff --git a/tests/signing/auth_token_revoked.json b/tests/signing/auth_token_revoked.json
deleted file mode 100644
index 92c6922c..00000000
--- a/tests/signing/auth_token_revoked.json
+++ /dev/null
@@ -1 +0,0 @@
-{"access": {"serviceCatalog": [{"endpoints": [{"adminURL": "http://127.0.0.1:8776/v1/64b6f3fbcc53435e8a60fcf89bb6617a", "region": "regionOne", "internalURL": "http://127.0.0.1:8776/v1/64b6f3fbcc53435e8a60fcf89bb6617a", "publicURL": "http://127.0.0.1:8776/v1/64b6f3fbcc53435e8a60fcf89bb6617a"}], "endpoints_links": [], "type": "volume", "name": "volume"}, {"endpoints": [{"adminURL": "http://127.0.0.1:9292/v1", "region": "regionOne", "internalURL": "http://127.0.0.1:9292/v1", "publicURL": "http://127.0.0.1:9292/v1"}], "endpoints_links": [], "type": "image", "name": "glance"}, {"endpoints": [{"adminURL": "http://127.0.0.1:8774/v1.1/64b6f3fbcc53435e8a60fcf89bb6617a", "region": "regionOne", "internalURL": "http://127.0.0.1:8774/v1.1/64b6f3fbcc53435e8a60fcf89bb6617a", "publicURL": "http://127.0.0.1:8774/v1.1/64b6f3fbcc53435e8a60fcf89bb6617a"}], "endpoints_links": [], "type": "compute", "name": "nova"}, {"endpoints": [{"adminURL": "http://127.0.0.1:35357/v2.0", "region": "RegionOne", "internalURL": "http://127.0.0.1:35357/v2.0", "publicURL": "http://127.0.0.1:5000/v2.0"}], "endpoints_links": [], "type": "identity", "name": "keystone"}],"token": {"expires": "2012-06-02T14:47:34Z", "id": "placeholder", "tenant": {"enabled": true, "description": null, "name": "tenant_name1", "id": "tenant_id1"}}, "user": {"username": "revoked_username1", "roles_links": ["role1","role2"], "id": "revoked_user_id1", "roles": [{"name": "role1"}, {"name": "role2"}], "name": "revoked_username1"}}}
diff --git a/tests/signing/auth_token_revoked.pem b/tests/signing/auth_token_revoked.pem
deleted file mode 100644
index 186c0800..00000000
--- a/tests/signing/auth_token_revoked.pem
+++ /dev/null
@@ -1,40 +0,0 @@
------BEGIN CMS-----
-MIIHAwYJKoZIhvcNAQcCoIIG9DCCBvACAQExCTAHBgUrDgMCGjCCBeQGCSqGSIb3
-DQEHAaCCBdUEggXReyJhY2Nlc3MiOiB7InNlcnZpY2VDYXRhbG9nIjogW3siZW5k
-cG9pbnRzIjogW3siYWRtaW5VUkwiOiAiaHR0cDovLzEyNy4wLjAuMTo4Nzc2L3Yx
-LzY0YjZmM2ZiY2M1MzQzNWU4YTYwZmNmODliYjY2MTdhIiwgInJlZ2lvbiI6ICJy
-ZWdpb25PbmUiLCAiaW50ZXJuYWxVUkwiOiAiaHR0cDovLzEyNy4wLjAuMTo4Nzc2
-L3YxLzY0YjZmM2ZiY2M1MzQzNWU4YTYwZmNmODliYjY2MTdhIiwgInB1YmxpY1VS
-TCI6ICJodHRwOi8vMTI3LjAuMC4xOjg3NzYvdjEvNjRiNmYzZmJjYzUzNDM1ZThh
-NjBmY2Y4OWJiNjYxN2EifV0sICJlbmRwb2ludHNfbGlua3MiOiBbXSwgInR5cGUi
-OiAidm9sdW1lIiwgIm5hbWUiOiAidm9sdW1lIn0sIHsiZW5kcG9pbnRzIjogW3si
-YWRtaW5VUkwiOiAiaHR0cDovLzEyNy4wLjAuMTo5MjkyL3YxIiwgInJlZ2lvbiI6
-ICJyZWdpb25PbmUiLCAiaW50ZXJuYWxVUkwiOiAiaHR0cDovLzEyNy4wLjAuMTo5
-MjkyL3YxIiwgInB1YmxpY1VSTCI6ICJodHRwOi8vMTI3LjAuMC4xOjkyOTIvdjEi
-fV0sICJlbmRwb2ludHNfbGlua3MiOiBbXSwgInR5cGUiOiAiaW1hZ2UiLCAibmFt
-ZSI6ICJnbGFuY2UifSwgeyJlbmRwb2ludHMiOiBbeyJhZG1pblVSTCI6ICJodHRw
-Oi8vMTI3LjAuMC4xOjg3NzQvdjEuMS82NGI2ZjNmYmNjNTM0MzVlOGE2MGZjZjg5
-YmI2NjE3YSIsICJyZWdpb24iOiAicmVnaW9uT25lIiwgImludGVybmFsVVJMIjog
-Imh0dHA6Ly8xMjcuMC4wLjE6ODc3NC92MS4xLzY0YjZmM2ZiY2M1MzQzNWU4YTYw
-ZmNmODliYjY2MTdhIiwgInB1YmxpY1VSTCI6ICJodHRwOi8vMTI3LjAuMC4xOjg3
-NzQvdjEuMS82NGI2ZjNmYmNjNTM0MzVlOGE2MGZjZjg5YmI2NjE3YSJ9XSwgImVu
-ZHBvaW50c19saW5rcyI6IFtdLCAidHlwZSI6ICJjb21wdXRlIiwgIm5hbWUiOiAi
-bm92YSJ9LCB7ImVuZHBvaW50cyI6IFt7ImFkbWluVVJMIjogImh0dHA6Ly8xMjcu
-MC4wLjE6MzUzNTcvdjIuMCIsICJyZWdpb24iOiAiUmVnaW9uT25lIiwgImludGVy
-bmFsVVJMIjogImh0dHA6Ly8xMjcuMC4wLjE6MzUzNTcvdjIuMCIsICJwdWJsaWNV
-UkwiOiAiaHR0cDovLzEyNy4wLjAuMTo1MDAwL3YyLjAifV0sICJlbmRwb2ludHNf
-bGlua3MiOiBbXSwgInR5cGUiOiAiaWRlbnRpdHkiLCAibmFtZSI6ICJrZXlzdG9u
-ZSJ9XSwidG9rZW4iOiB7ImV4cGlyZXMiOiAiMjAxMi0wNi0wMlQxNDo0NzozNFoi
-LCAiaWQiOiAicGxhY2Vob2xkZXIiLCAidGVuYW50IjogeyJlbmFibGVkIjogdHJ1
-ZSwgImRlc2NyaXB0aW9uIjogbnVsbCwgIm5hbWUiOiAidGVuYW50X25hbWUxIiwg
-ImlkIjogInRlbmFudF9pZDEifX0sICJ1c2VyIjogeyJ1c2VybmFtZSI6ICJyZXZv
-a2VkX3VzZXJuYW1lMSIsICJyb2xlc19saW5rcyI6IFsicm9sZTEiLCJyb2xlMiJd
-LCAiaWQiOiAicmV2b2tlZF91c2VyX2lkMSIsICJyb2xlcyI6IFt7Im5hbWUiOiAi
-cm9sZTEifSwgeyJuYW1lIjogInJvbGUyIn1dLCAibmFtZSI6ICJyZXZva2VkX3Vz
-ZXJuYW1lMSJ9fX0NCjGB9zCB9AIBATBUME8xFTATBgNVBAoTDFJlZCBIYXQsIElu
-YzERMA8GA1UEBxMIV2VzdGZvcmQxFjAUBgNVBAgTDU1hc3NhY2h1c2V0dHMxCzAJ
-BgNVBAYTAlVTAgEBMAcGBSsOAwIaMA0GCSqGSIb3DQEBAQUABIGAXstA+yZ5N/cS
-+i7Mmlhi585cckvwSVAGj9huPTpqBItpbO44+U3yUojEwcghomtpygI/wzUa8Z40
-UW/L3nGlATlOG833zhGvLKrp76GIitYMgk1e0OEmzGXeAWLnQZFev8ooMPs9rwYW
-MgEdAfDMWWqX+Tb7exdboLpRUiCQx1c=
------END CMS-----
diff --git a/tests/signing/auth_token_scoped.json b/tests/signing/auth_token_scoped.json
deleted file mode 100644
index 16eb644f..00000000
--- a/tests/signing/auth_token_scoped.json
+++ /dev/null
@@ -1 +0,0 @@
-{"access": {"serviceCatalog": [{"endpoints": [{"adminURL": "http://127.0.0.1:8776/v1/64b6f3fbcc53435e8a60fcf89bb6617a", "region": "regionOne", "internalURL": "http://127.0.0.1:8776/v1/64b6f3fbcc53435e8a60fcf89bb6617a", "publicURL": "http://127.0.0.1:8776/v1/64b6f3fbcc53435e8a60fcf89bb6617a"}], "endpoints_links": [], "type": "volume", "name": "volume"}, {"endpoints": [{"adminURL": "http://127.0.0.1:9292/v1", "region": "regionOne", "internalURL": "http://127.0.0.1:9292/v1", "publicURL": "http://127.0.0.1:9292/v1"}], "endpoints_links": [], "type": "image", "name": "glance"}, {"endpoints": [{"adminURL": "http://127.0.0.1:8774/v1.1/64b6f3fbcc53435e8a60fcf89bb6617a", "region": "regionOne", "internalURL": "http://127.0.0.1:8774/v1.1/64b6f3fbcc53435e8a60fcf89bb6617a", "publicURL": "http://127.0.0.1:8774/v1.1/64b6f3fbcc53435e8a60fcf89bb6617a"}], "endpoints_links": [], "type": "compute", "name": "nova"}, {"endpoints": [{"adminURL": "http://127.0.0.1:35357/v2.0", "region": "RegionOne", "internalURL": "http://127.0.0.1:35357/v2.0", "publicURL": "http://127.0.0.1:5000/v2.0"}], "endpoints_links": [], "type": "identity", "name": "keystone"}],"token": {"expires": "2012-06-02T14:47:34Z", "id": "placeholder", "tenant": {"enabled": true, "description": null, "name": "tenant_name1", "id": "tenant_id1"}}, "user": {"username": "user_name1", "roles_links": ["role1","role2"], "id": "user_id1", "roles": [{"name": "role1"}, {"name": "role2"}], "name": "user_name1"}}}
diff --git a/tests/signing/auth_token_scoped.pem b/tests/signing/auth_token_scoped.pem
deleted file mode 100644
index 42146a9a..00000000
--- a/tests/signing/auth_token_scoped.pem
+++ /dev/null
@@ -1,40 +0,0 @@
------BEGIN CMS-----
-MIIG7QYJKoZIhvcNAQcCoIIG3jCCBtoCAQExCTAHBgUrDgMCGjCCBc4GCSqGSIb3
-DQEHAaCCBb8EggW7eyJhY2Nlc3MiOiB7InNlcnZpY2VDYXRhbG9nIjogW3siZW5k
-cG9pbnRzIjogW3siYWRtaW5VUkwiOiAiaHR0cDovLzEyNy4wLjAuMTo4Nzc2L3Yx
-LzY0YjZmM2ZiY2M1MzQzNWU4YTYwZmNmODliYjY2MTdhIiwgInJlZ2lvbiI6ICJy
-ZWdpb25PbmUiLCAiaW50ZXJuYWxVUkwiOiAiaHR0cDovLzEyNy4wLjAuMTo4Nzc2
-L3YxLzY0YjZmM2ZiY2M1MzQzNWU4YTYwZmNmODliYjY2MTdhIiwgInB1YmxpY1VS
-TCI6ICJodHRwOi8vMTI3LjAuMC4xOjg3NzYvdjEvNjRiNmYzZmJjYzUzNDM1ZThh
-NjBmY2Y4OWJiNjYxN2EifV0sICJlbmRwb2ludHNfbGlua3MiOiBbXSwgInR5cGUi
-OiAidm9sdW1lIiwgIm5hbWUiOiAidm9sdW1lIn0sIHsiZW5kcG9pbnRzIjogW3si
-YWRtaW5VUkwiOiAiaHR0cDovLzEyNy4wLjAuMTo5MjkyL3YxIiwgInJlZ2lvbiI6
-ICJyZWdpb25PbmUiLCAiaW50ZXJuYWxVUkwiOiAiaHR0cDovLzEyNy4wLjAuMTo5
-MjkyL3YxIiwgInB1YmxpY1VSTCI6ICJodHRwOi8vMTI3LjAuMC4xOjkyOTIvdjEi
-fV0sICJlbmRwb2ludHNfbGlua3MiOiBbXSwgInR5cGUiOiAiaW1hZ2UiLCAibmFt
-ZSI6ICJnbGFuY2UifSwgeyJlbmRwb2ludHMiOiBbeyJhZG1pblVSTCI6ICJodHRw
-Oi8vMTI3LjAuMC4xOjg3NzQvdjEuMS82NGI2ZjNmYmNjNTM0MzVlOGE2MGZjZjg5
-YmI2NjE3YSIsICJyZWdpb24iOiAicmVnaW9uT25lIiwgImludGVybmFsVVJMIjog
-Imh0dHA6Ly8xMjcuMC4wLjE6ODc3NC92MS4xLzY0YjZmM2ZiY2M1MzQzNWU4YTYw
-ZmNmODliYjY2MTdhIiwgInB1YmxpY1VSTCI6ICJodHRwOi8vMTI3LjAuMC4xOjg3
-NzQvdjEuMS82NGI2ZjNmYmNjNTM0MzVlOGE2MGZjZjg5YmI2NjE3YSJ9XSwgImVu
-ZHBvaW50c19saW5rcyI6IFtdLCAidHlwZSI6ICJjb21wdXRlIiwgIm5hbWUiOiAi
-bm92YSJ9LCB7ImVuZHBvaW50cyI6IFt7ImFkbWluVVJMIjogImh0dHA6Ly8xMjcu
-MC4wLjE6MzUzNTcvdjIuMCIsICJyZWdpb24iOiAiUmVnaW9uT25lIiwgImludGVy
-bmFsVVJMIjogImh0dHA6Ly8xMjcuMC4wLjE6MzUzNTcvdjIuMCIsICJwdWJsaWNV
-UkwiOiAiaHR0cDovLzEyNy4wLjAuMTo1MDAwL3YyLjAifV0sICJlbmRwb2ludHNf
-bGlua3MiOiBbXSwgInR5cGUiOiAiaWRlbnRpdHkiLCAibmFtZSI6ICJrZXlzdG9u
-ZSJ9XSwidG9rZW4iOiB7ImV4cGlyZXMiOiAiMjAxMi0wNi0wMlQxNDo0NzozNFoi
-LCAiaWQiOiAicGxhY2Vob2xkZXIiLCAidGVuYW50IjogeyJlbmFibGVkIjogdHJ1
-ZSwgImRlc2NyaXB0aW9uIjogbnVsbCwgIm5hbWUiOiAidGVuYW50X25hbWUxIiwg
-ImlkIjogInRlbmFudF9pZDEifX0sICJ1c2VyIjogeyJ1c2VybmFtZSI6ICJ1c2Vy
-X25hbWUxIiwgInJvbGVzX2xpbmtzIjogWyJyb2xlMSIsInJvbGUyIl0sICJpZCI6
-ICJ1c2VyX2lkMSIsICJyb2xlcyI6IFt7Im5hbWUiOiAicm9sZTEifSwgeyJuYW1l
-IjogInJvbGUyIn1dLCAibmFtZSI6ICJ1c2VyX25hbWUxIn19fQ0KMYH3MIH0AgEB
-MFQwTzEVMBMGA1UEChMMUmVkIEhhdCwgSW5jMREwDwYDVQQHEwhXZXN0Zm9yZDEW
-MBQGA1UECBMNTWFzc2FjaHVzZXR0czELMAkGA1UEBhMCVVMCAQEwBwYFKw4DAhow
-DQYJKoZIhvcNAQEBBQAEgYAD6hPEpc/0wHe3rYDBFec52h7gxdbrTNEN7jmwdFto
-xw0QnucmCREh9IUikJ2ob0c0uUC6cmNPajD9aFkGWhvNswNH2W2BYzUiC3CHM7U0
-7nsIe3OOatqyUAyoQUhHZnIAx1tOgdPBVflnrtdIV1vkdqxednlJZ52Hxob2PP3h
-xg==
------END CMS-----
diff --git a/tests/signing/auth_token_unscoped.json b/tests/signing/auth_token_unscoped.json
deleted file mode 100644
index b2340a76..00000000
--- a/tests/signing/auth_token_unscoped.json
+++ /dev/null
@@ -1 +0,0 @@
-{"access": {"token": {"expires": "2012-08-17T15:35:34Z", "id": "01e032c996ef4406b144335915a41e79"}, "serviceCatalog": {}, "user": {"username": "user_name1", "roles_links": [], "id": "c9c89e3be3ee453fbf00c7966f6d3fbd", "roles": [{'name': 'role1'},{'name': 'role2'},], "name": "user_name1"}}}
\ No newline at end of file
diff --git a/tests/signing/auth_token_unscoped.pem b/tests/signing/auth_token_unscoped.pem
deleted file mode 100644
index 771239b4..00000000
--- a/tests/signing/auth_token_unscoped.pem
+++ /dev/null
@@ -1,14 +0,0 @@
------BEGIN CMS-----
-MIICLwYJKoZIhvcNAQcCoIICIDCCAhwCAQExCTAHBgUrDgMCGjCCARAGCSqGSIb3
-DQEHAaCCAQEEgf57ImFjY2VzcyI6IHsidG9rZW4iOiB7ImV4cGlyZXMiOiAiMjAx
-Mi0wOC0xN1QxNTozNTozNFoiLCAiaWQiOiAiMDFlMDMyYzk5NmVmNDQwNmIxNDQz
-MzU5MTVhNDFlNzkifSwgInNlcnZpY2VDYXRhbG9nIjoge30sICJ1c2VyIjogeyJ1
-c2VybmFtZSI6ICJ1c2VyX25hbWUxIiwgInJvbGVzX2xpbmtzIjogW10sICJpZCI6
-ICJjOWM4OWUzYmUzZWU0NTNmYmYwMGM3OTY2ZjZkM2ZiZCIsICJyb2xlcyI6IFtd
-LCAibmFtZSI6ICJ1c2VyX25hbWUxIn19fTGB9zCB9AIBATBUME8xFTATBgNVBAoT
-DFJlZCBIYXQsIEluYzERMA8GA1UEBxMIV2VzdGZvcmQxFjAUBgNVBAgTDU1hc3Nh
-Y2h1c2V0dHMxCzAJBgNVBAYTAlVTAgEBMAcGBSsOAwIaMA0GCSqGSIb3DQEBAQUA
-BIGAisEcxeNzNYbZPuWEEL+0SRAHjfaSFuhDHAAZ67P6LkoSN8IAio+2fqH2d1Ix
-qfUYBW/cVEYdEZ3itbR0KdDucemHFpows+eZVUe6nsV7hgMqXBmfrKyEC4PBuIoI
-/nofrwbV/R88v1jAIyrB3IbPUydXDK79lThL47rcGCeOuwI=
------END CMS-----
diff --git a/tests/signing/cacert.pem b/tests/signing/cacert.pem
deleted file mode 100644
index 00327660..00000000
--- a/tests/signing/cacert.pem
+++ /dev/null
@@ -1,18 +0,0 @@
------BEGIN CERTIFICATE-----
-MIICzjCCAjegAwIBAgIJAMwBikmrmZ0sMA0GCSqGSIb3DQEBBAUAME8xFTATBgNV
-BAoTDFJlZCBIYXQsIEluYzERMA8GA1UEBxMIV2VzdGZvcmQxFjAUBgNVBAgTDU1h
-c3NhY2h1c2V0dHMxCzAJBgNVBAYTAlVTMB4XDTEyMDUxODE5MzQ1MVoXDTIyMDUx
-NjE5MzQ1MVowTzEVMBMGA1UEChMMUmVkIEhhdCwgSW5jMREwDwYDVQQHEwhXZXN0
-Zm9yZDEWMBQGA1UECBMNTWFzc2FjaHVzZXR0czELMAkGA1UEBhMCVVMwgZ8wDQYJ
-KoZIhvcNAQEBBQADgY0AMIGJAoGBAORnyPRzimWPxIeTJ3DEedU5hzRjzfDC8ZHP
-ZgmB81V5VUiPTB72uNf8Wh6p0mhBMSmVkmvWJNjdrGWXU/SmtVd9EFLRyLwUt9kk
-3fjEHBl7HXLc1kAwaBsmA6LGDHvxQ34zXB2hvqd5x3BwPGnzN5XUEHjIjQncLkhi
-86BqaTkhAgMBAAGjgbEwga4wDAYDVR0TBAUwAwEB/zAdBgNVHQ4EFgQUv20jLjrl
-MDv+KyKSjzuEmagGCekwfwYDVR0jBHgwdoAUv20jLjrlMDv+KyKSjzuEmagGCemh
-U6RRME8xFTATBgNVBAoTDFJlZCBIYXQsIEluYzERMA8GA1UEBxMIV2VzdGZvcmQx
-FjAUBgNVBAgTDU1hc3NhY2h1c2V0dHMxCzAJBgNVBAYTAlVTggkAzAGKSauZnSww
-DQYJKoZIhvcNAQEEBQADgYEAYLM3oI2qawJpyNODliOkwRvlSsotF/2pn5EU85I5
-vGewZxrgwwy2DbK6w8EECcarOjRJwz1ZYyi8ZpATipbLTX2JtmSwiye6YjhJyU4f
-yp7jtnalLlpoDigHHWjc1jzoKDQTk7g1F/XzUBTG5rcEB24IzLXgr7vt2TU+7/nq
-KbY=
------END CERTIFICATE-----
diff --git a/tests/signing/private_key.pem b/tests/signing/private_key.pem
deleted file mode 100644
index e32a7cba..00000000
--- a/tests/signing/private_key.pem
+++ /dev/null
@@ -1,16 +0,0 @@
------BEGIN PRIVATE KEY-----
-MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBAKaTKHl5YfzfWUkV
-QS5O6UoBLQ+Sh/tHjXpKhsSmFXkKD4nFQiIf2X1HGdQkKFY258pVvWbVNb82LT4k
-F7r+tElQh4zzPO2f633hPs+GrrvzyDwXIKU2Y0/7aAy9mcPpHEK0ACnn0vYzF5Ax
-1FhqHmXpeNpxla4dxK1wPFNIwWgdAgMBAAECgYBTNwjtRnpxPZL5M6kQXVOmKNg+
-A1Hzcld3VGvnKaFoimIgzW6wZYDdWPvKQxXznBJHvnWUPcdP8ty/QoCoZj3h5ABA
-PaaJjsMDYzP5XzvFi1X0bWu5DZbrd5aCqCJV7qiHrAg6kfOzzqGgQULrh/LJh0nn
-1ZIDzx4o7RM9nreOAQJBANJxRNgh3msy4K72dipHewSX0ZBg0TlophfqXYuBauK0
-twIiqOtZwNmBM+bO8sYOqki/eagbzihEjcomVP+THCECQQDKor5ZKxRLPGW5t0B4
-ix85mbIHo7jkbVjcwEFEwnIZ5uLj0KD3G31UqmrocXuzJmWhwryWmwx0+BHMlhTq
-Nyx9AkEAmVZRTI75KvEqiDIrjckB2SnqWCJDsWoQRDLQMJt/T2tQQi0RGlQO0i1z
-rQU0Hp6G83UZZyXDhNHW4uolWwhNIQJAU3UT0MXdZd9KRmMjOoKSKbcTi/HyhKJE
-pybHuvoa5HAjopCauyunQuetgG6889wsn6ME6UKSrto8+nYVxyFSQQJALJ6x4AxJ
-IJJiR9lHIGQKw2SD1cty1FkSxHWcSc3CMTy3COrchI6o4wSJ/jMIRT95c09Ir5bT
-Mgus0nrjlXFl7w==
------END PRIVATE KEY-----
diff --git a/tests/signing/revocation_list.json b/tests/signing/revocation_list.json
deleted file mode 100644
index c3401b0f..00000000
--- a/tests/signing/revocation_list.json
+++ /dev/null
@@ -1 +0,0 @@
-{"revoked":[{"id":"7acfcfdaf6a14aebe97c61c5947bc4d3","expires":"2012-08-14T17:58:48Z"}]}
diff --git a/tests/signing/revocation_list.pem b/tests/signing/revocation_list.pem
deleted file mode 100644
index ad7a96f3..00000000
--- a/tests/signing/revocation_list.pem
+++ /dev/null
@@ -1,11 +0,0 @@
------BEGIN CMS-----
-MIIBhgYJKoZIhvcNAQcCoIIBdzCCAXMCAQExCTAHBgUrDgMCGjBpBgkqhkiG9w0B
-BwGgXARaeyJyZXZva2VkIjpbeyJpZCI6IjdhY2ZjZmRhZjZhMTRhZWJlOTdjNjFj
-NTk0N2JjNGQzIiwiZXhwaXJlcyI6IjIwMTItMDgtMTRUMTc6NTg6NDhaIn1dfQ0K
-MYH3MIH0AgEBMFQwTzEVMBMGA1UEChMMUmVkIEhhdCwgSW5jMREwDwYDVQQHEwhX
-ZXN0Zm9yZDEWMBQGA1UECBMNTWFzc2FjaHVzZXR0czELMAkGA1UEBhMCVVMCAQEw
-BwYFKw4DAhowDQYJKoZIhvcNAQEBBQAEgYCVDgl1puOfsn2BNliKnHNsSucYI3xn
-aJvZ8UM2hg+TGgshMPhNjo1/p1VBqwyIb0+AAUnFj7fikCNE6dypvT+xX/vUgGnv
-4EJ2cqG/0PFB/8B6Tz3FSsFMhXUIRnXKKxLxMCkge1b072BapJ1FJm8sXSem5ecO
-adoOjW3kjFJk/A==
------END CMS-----
diff --git a/tests/signing/signing_cert.pem b/tests/signing/signing_cert.pem
deleted file mode 100644
index 2d277c9c..00000000
--- a/tests/signing/signing_cert.pem
+++ /dev/null
@@ -1,13 +0,0 @@
------BEGIN CERTIFICATE-----
-MIICCzCCAXQCAQEwDQYJKoZIhvcNAQEEBQAwTzEVMBMGA1UEChMMUmVkIEhhdCwg
-SW5jMREwDwYDVQQHEwhXZXN0Zm9yZDEWMBQGA1UECBMNTWFzc2FjaHVzZXR0czEL
-MAkGA1UEBhMCVVMwHhcNMTIwNTE4MTk0MTQyWhcNMTMwNTE4MTk0MTQyWjBNMQsw
-CQYDVQQGEwJVUzEWMBQGA1UECBMNTWFzc2FjaHVzZXR0czEVMBMGA1UEChMMUmVk
-IEhhdCwgSW5jMQ8wDQYDVQQDEwZheW91bmcwgZ8wDQYJKoZIhvcNAQEBBQADgY0A
-MIGJAoGBAKaTKHl5YfzfWUkVQS5O6UoBLQ+Sh/tHjXpKhsSmFXkKD4nFQiIf2X1H
-GdQkKFY258pVvWbVNb82LT4kF7r+tElQh4zzPO2f633hPs+GrrvzyDwXIKU2Y0/7
-aAy9mcPpHEK0ACnn0vYzF5Ax1FhqHmXpeNpxla4dxK1wPFNIwWgdAgMBAAEwDQYJ
-KoZIhvcNAQEEBQADgYEA1Nr9B+iTLLzlMc+8dsyJpDEzVPACVkElhVDojODfOW3p
-MD0rINb+icprJVp+zBOR0MDYtGyBFUNGLFE3z2i5gWKu/63Ge3wfC0KBLFs6UQEd
-82MQS3pBEub+4SM7XkhKajx12YgkX0ntEpNCAkm/YdGW4af5xlkViJ3cBpqWwuk=
------END CERTIFICATE-----
diff --git a/tests/test_auth_token_middleware.py b/tests/test_auth_token_middleware.py
index 77c4a0cb..0147555c 100644
--- a/tests/test_auth_token_middleware.py
+++ b/tests/test_auth_token_middleware.py
@@ -30,6 +30,13 @@ from keystone.openstack.common import timeutils
 from keystone import test
 
 
+CERTDIR = test.rootdir("examples/pki/certs")
+KEYDIR = test.rootdir("examples/pki/private")
+CMSDIR = test.rootdir("examples/pki/cms")
+SIGNING_CERT = os.path.join(CERTDIR, 'signing_cert.pem')
+SIGNING_KEY = os.path.join(KEYDIR, 'signing_key.pem')
+CA = os.path.join(CERTDIR, 'ca.pem')
+
 REVOCATION_LIST = None
 REVOKED_TOKEN = None
 REVOKED_TOKEN_HASH = None
@@ -145,7 +152,7 @@ TOKEN_RESPONSES = {
 # in the signing subdirectory.  In order to keep the values consistent between
 # the tests and the signed documents, we read them in for use in the tests.
 def setUpModule(self):
-    signing_path = os.path.join(os.path.dirname(__file__), 'signing')
+    signing_path = CMSDIR
     with open(os.path.join(signing_path, 'auth_token_scoped.pem')) as f:
         self.SIGNED_TOKEN_SCOPED = cms.cms_to_token(f.read())
     with open(os.path.join(signing_path, 'auth_token_unscoped.pem')) as f:
@@ -314,7 +321,7 @@ class BaseAuthTokenMiddlewareTest(test.TestCase):
             'auth_host': 'keystone.example.com',
             'auth_port': 1234,
             'auth_admin_prefix': '/testadmin',
-            'signing_dir': 'signing',
+            'signing_dir': CERTDIR,
         }
 
         self.middleware = auth_token.AuthProtocol(FakeApp(expected_env), conf)
diff --git a/tests/test_overrides.conf b/tests/test_overrides.conf
index 15c18faf..48f5dd7f 100644
--- a/tests/test_overrides.conf
+++ b/tests/test_overrides.conf
@@ -9,6 +9,6 @@ driver = keystone.catalog.backends.templated.TemplatedCatalog
 template_file = default_catalog.templates
 
 [signing]
-certfile = signing/signing_cert.pem
-keyfile = signing/private_key.pem
-ca_certs = signing/cacert.pem
+certfile = ../examples/pki/certs/signing_cert.pem
+keyfile = ../examples/pki/private/signing_key.pem
+ca_certs = ../examples/pki/certs/cacert.pem
diff --git a/tests/test_ssl.py b/tests/test_ssl.py
index ddd57535..d710867d 100644
--- a/tests/test_ssl.py
+++ b/tests/test_ssl.py
@@ -25,11 +25,11 @@ from keystone import test
 
 CONF = config.CONF
 
-CERTDIR = test.rootdir("examples/ssl/certs")
-KEYDIR = test.rootdir("examples/ssl/private")
-CERT = os.path.join(CERTDIR, 'keystone.pem')
-KEY = os.path.join(KEYDIR, 'keystonekey.pem')
-CA = os.path.join(CERTDIR, 'ca.pem')
+CERTDIR = test.rootdir("examples/pki/certs")
+KEYDIR = test.rootdir("examples/pki/private")
+CERT = os.path.join(CERTDIR, 'ssl_cert.pem')
+KEY = os.path.join(KEYDIR, 'ssl_key.pem')
+CA = os.path.join(CERTDIR, 'cacert.pem')
 CLIENT = os.path.join(CERTDIR, 'middleware.pem')