[PATCH] also generate the expired and not yet valid certificates
Ludwig Nussel
ludwig.nussel at suse.de
Thu Oct 23 08:56:15 EDT 2008
not used by neon itself but useful for openssl s_server based tests
Signed-off-by: Ludwig Nussel <ludwig.nussel at suse.de>
---
test/makekeys.sh | 12 ++++++++++++
1 files changed, 12 insertions(+), 0 deletions(-)
diff --git a/test/makekeys.sh b/test/makekeys.sh
index 4d4a88e..44572fb 100755
--- a/test/makekeys.sh
+++ b/test/makekeys.sh
@@ -14,10 +14,15 @@ REQDN=reqDN
STRMASK=default
export REQDN STRMASK
+asn1date() {
+ date -d "$1" "+%y%m%d%H%M%SZ"
+}
+
openssl version 1>&2
set -ex
+rm -rf ca ca2
mkdir ca
touch ca/index.txt
echo 01 > ca/serial
@@ -69,6 +74,9 @@ ${CA} -extensions caExt -days 3560 -in ca2.csr -out ca2/cert.pem
csr_fields | ${REQ} -new -key ${srcdir}/server.key -out server.csr
+csr_fields | ${REQ} -new -key ${srcdir}/server.key -out expired.csr
+csr_fields | ${REQ} -new -key ${srcdir}/server.key -out notyet.csr
+
csr_fields "Upper Case Dept" lOcALhost | \
${REQ} -new -key ${srcdir}/server.key -out caseless.csr
@@ -168,6 +176,10 @@ for f in server client clientdsa twocn caseless cnfirst \
${CA} -days 900 -in ${f}.csr -out ${f}.cert
done
+${CA} -startdate `asn1date "2 days ago"` -enddate `asn1date "yesterday"` -in expired.csr -out expired.cert
+
+${CA} -startdate `asn1date "tomorrow"` -enddate `asn1date "2 days"` -in notyet.csr -out notyet.cert
+
for n in 1 2 3 4 5 6 7 8; do
${CA} -extensions altExt${n} -days 900 \
-in altname${n}.csr -out altname${n}.cert
--
1.5.6
More information about the neon
mailing list