diff options
author | Andrew Zaborowski <andrew.zaborowski@intel.com> | 2022-10-31 11:53:41 +0100 |
---|---|---|
committer | Denis Kenzior <denkenz@gmail.com> | 2022-11-01 09:29:15 -0500 |
commit | 24110620f8145e8d7ffca5bee414bbac1cede198 (patch) | |
tree | bff1dad7f39ed64687db4ed8fba8c4b33f579cd0 | |
parent | 57dae0edb152ba634db51f9fd44e98b0641eb74e (diff) |
build: Generate an expired test certificate
-rw-r--r-- | .gitignore | 2 | ||||
-rw-r--r-- | Makefile.am | 29 |
2 files changed, 29 insertions, 2 deletions
@@ -67,6 +67,8 @@ unit/cert-*.csr unit/cert-*.srl unit/cert-*.crt unit/cert-*.p12 +unit/cert-ca.cnf +unit/cert-ca-index* unit/ec-cert-*.pem unit/ec-cert-*.csr unit/key-*.dat diff --git a/Makefile.am b/Makefile.am index 596771ad..7daebde5 100644 --- a/Makefile.am +++ b/Makefile.am @@ -242,7 +242,8 @@ cert_files = unit/cert-chain.pem \ unit/cert-entity-pkcs12-rc4-sha384.p12 \ unit/cert-entity-pkcs12-pkcs5-sha512.p12 \ unit/cert-entity-combined.pem \ - unit/cert-no-keyid.pem + unit/cert-no-keyid.pem \ + unit/cert-expired.pem cert_checks = unit/cert-intca \ unit/cert-entity-int \ @@ -617,6 +618,29 @@ unit/cert-no-keyid.pem: unit/cert-no-keyid.csr unit/cert-ca2.pem unit/gencerts.c unit/cert-no-keyid: unit/cert-no-keyid.pem unit/cert-ca2.pem $(AM_V_GEN)openssl verify -CAfile $(builddir)/unit/cert-ca2.pem $< +unit/cert-expired.csr: unit/cert-client-key-pkcs1.pem unit/gencerts.cnf + $(AM_V_GEN)openssl req -new -extensions cert_ext \ + -config $(srcdir)/unit/gencerts.cnf \ + -subj '/O=Bar Example Organization/CN=Bar Example Organization/emailAddress=bar@mail.example' \ + -key $< -out $@ + +unit/cert-ca.cnf: + $(AM_V_GEN)echo -e '[example]\ndatabase = unit/cert-ca-index.txt\npolicy = dummy\nserial = dummy\n[dummy]' > $@ + +unit/cert-expired.pem: unit/cert-expired.csr unit/cert-ca.pem unit/gencerts.cnf unit/cert-ca.cnf + $(AM_V_at)> unit/cert-ca-index.txt + $(AM_V_at)$(MKDIR_P) unit/cert-ca-tmp + $(AM_V_GEN)openssl ca -batch \ + -config $(builddir)/unit/cert-ca.cnf -name example \ + -cert $(builddir)/unit/cert-ca.pem \ + -keyfile $(builddir)/unit/cert-ca-key.pem \ + -outdir $(builddir)/unit/cert-ca-tmp \ + -rand_serial -extensions cert_ext \ + -extfile $(srcdir)/unit/gencerts.cnf -md sha256 \ + -startdate 000101120000Z -enddate 010101120000Z \ + -preserveDN -notext -in $< -out $@ 2> /dev/null + $(AM_V_at)rm -r unit/cert-ca-tmp unit/cert-ca-index.txt + unit/cert-entity-pkcs12-nomac.p12: unit/cert-entity-int-key.pem unit/cert-entity-int.pem $(AM_V_GEN)openssl pkcs12 -inkey $< -in $(builddir)/unit/cert-entity-int.pem -out $@ -export -passout pass:abc -nomac # defaut ciphers @@ -660,7 +684,8 @@ endif clean-local: -rm -f unit/ec-cert*.pem unit/ec-cert-*.csr \ - unit/cert-*.pem unit/cert-*.csr unit/cert-*.srl unit/key-*.dat + unit/cert-*.pem unit/cert-*.csr unit/cert-*.srl unit/key-*.dat \ + unit/cert-ca-index* unit/cert-ca.cnf maintainer-clean-local: -rm -rf build-aux |