[PATCH] also generate the expired and not yet valid certificates

Ludwig Nussel ludwig.nussel at suse.de
Thu Oct 23 08:56:15 EDT 2008


not used by neon itself but useful for openssl s_server based tests

Signed-off-by: Ludwig Nussel <ludwig.nussel at suse.de>

---
 test/makekeys.sh |   12 ++++++++++++
 1 files changed, 12 insertions(+), 0 deletions(-)

diff --git a/test/makekeys.sh b/test/makekeys.sh
index 4d4a88e..44572fb 100755
--- a/test/makekeys.sh
+++ b/test/makekeys.sh
@@ -14,10 +14,15 @@ REQDN=reqDN
 STRMASK=default
 export REQDN STRMASK
 
+asn1date() {
+	date -d "$1" "+%y%m%d%H%M%SZ"
+}
+
 openssl version 1>&2
 
 set -ex
 
+rm -rf ca ca2
 mkdir ca
 touch ca/index.txt
 echo 01 > ca/serial
@@ -69,6 +74,9 @@ ${CA} -extensions caExt -days 3560 -in ca2.csr -out ca2/cert.pem
 
 csr_fields | ${REQ} -new -key ${srcdir}/server.key -out server.csr
 
+csr_fields | ${REQ} -new -key ${srcdir}/server.key -out expired.csr
+csr_fields | ${REQ} -new -key ${srcdir}/server.key -out notyet.csr
+
 csr_fields "Upper Case Dept" lOcALhost | \
 ${REQ} -new -key ${srcdir}/server.key -out caseless.csr
 
@@ -168,6 +176,10 @@ for f in server client clientdsa twocn caseless cnfirst \
   ${CA} -days 900 -in ${f}.csr -out ${f}.cert
 done
 
+${CA} -startdate `asn1date "2 days ago"` -enddate `asn1date "yesterday"` -in expired.csr -out expired.cert
+
+${CA} -startdate `asn1date "tomorrow"` -enddate `asn1date "2 days"` -in notyet.csr -out notyet.cert
+
 for n in 1 2 3 4 5 6 7 8; do
  ${CA} -extensions altExt${n} -days 900 \
      -in altname${n}.csr -out altname${n}.cert
-- 
1.5.6





More information about the neon mailing list