curl/tests/certs
Paul Howarth ef07452a5c
tests: avoid use of sha1 in certificates
The SHA-1 algorithm is deprecated (particularly for security-sensitive
applications) in a variety of OS environments. This already affects
RHEL-9 and derivatives, which are not willing to use certificates using
that algorithm. The fix is to use sha256 instead, which is already used
for most of the other certificates in the test suite.

Fixes #10135

This gets rid of issues related to sha1 signatures.

Manual steps after "make clean-certs" and "make build-certs":

- Copy tests/certs/stunnel-sv.pem to tests/stunnel.pem
  (make clean-certs does not remove the original tests/stunnel.pem)

- Copy tests/certs/Server-localhost-sv.pubkey-pinned into --pinnedpubkey
  options of tests/data/test2041 and tests/data/test2087

Closes #10153
2022-12-26 09:47:43 +01:00
..
scripts tests: avoid use of sha1 in certificates 2022-12-26 09:47:43 +01:00
.gitignore tests: add authorityInfoAccess to generated certs 2022-11-26 00:11:57 +01:00
EdelCurlRoot-ca.cacert tests: avoid use of sha1 in certificates 2022-12-26 09:47:43 +01:00
EdelCurlRoot-ca.cnf tests: avoid use of sha1 in certificates 2022-12-26 09:47:43 +01:00
EdelCurlRoot-ca.crt tests: avoid use of sha1 in certificates 2022-12-26 09:47:43 +01:00
EdelCurlRoot-ca.csr tests: avoid use of sha1 in certificates 2022-12-26 09:47:43 +01:00
EdelCurlRoot-ca.der tests: avoid use of sha1 in certificates 2022-12-26 09:47:43 +01:00
EdelCurlRoot-ca.key tests: avoid use of sha1 in certificates 2022-12-26 09:47:43 +01:00
EdelCurlRoot-ca.prm tests: add authorityInfoAccess to generated certs 2022-11-26 00:11:57 +01:00
Makefile.am tests: avoid use of sha1 in certificates 2022-12-26 09:47:43 +01:00
Server-localhost0h-sv.crl tests: avoid use of sha1 in certificates 2022-12-26 09:47:43 +01:00
Server-localhost0h-sv.crt tests: avoid use of sha1 in certificates 2022-12-26 09:47:43 +01:00
Server-localhost0h-sv.csr tests: avoid use of sha1 in certificates 2022-12-26 09:47:43 +01:00
Server-localhost0h-sv.der tests: avoid use of sha1 in certificates 2022-12-26 09:47:43 +01:00
Server-localhost0h-sv.dhp
Server-localhost0h-sv.key tests: avoid use of sha1 in certificates 2022-12-26 09:47:43 +01:00
Server-localhost0h-sv.pem tests: avoid use of sha1 in certificates 2022-12-26 09:47:43 +01:00
Server-localhost0h-sv.prm tests: add authorityInfoAccess to generated certs 2022-11-26 00:11:57 +01:00
Server-localhost0h-sv.pub.der tests: avoid use of sha1 in certificates 2022-12-26 09:47:43 +01:00
Server-localhost0h-sv.pub.pem tests: avoid use of sha1 in certificates 2022-12-26 09:47:43 +01:00
Server-localhost0h-sv.pubkey-pinned tests: avoid use of sha1 in certificates 2022-12-26 09:47:43 +01:00
Server-localhost-firstSAN-sv.crl tests: avoid use of sha1 in certificates 2022-12-26 09:47:43 +01:00
Server-localhost-firstSAN-sv.crt tests: avoid use of sha1 in certificates 2022-12-26 09:47:43 +01:00
Server-localhost-firstSAN-sv.csr tests: avoid use of sha1 in certificates 2022-12-26 09:47:43 +01:00
Server-localhost-firstSAN-sv.der tests: avoid use of sha1 in certificates 2022-12-26 09:47:43 +01:00
Server-localhost-firstSAN-sv.dhp
Server-localhost-firstSAN-sv.key tests: avoid use of sha1 in certificates 2022-12-26 09:47:43 +01:00
Server-localhost-firstSAN-sv.pem tests: avoid use of sha1 in certificates 2022-12-26 09:47:43 +01:00
Server-localhost-firstSAN-sv.prm tests: add authorityInfoAccess to generated certs 2022-11-26 00:11:57 +01:00
Server-localhost-firstSAN-sv.pub.der tests: avoid use of sha1 in certificates 2022-12-26 09:47:43 +01:00
Server-localhost-firstSAN-sv.pub.pem tests: avoid use of sha1 in certificates 2022-12-26 09:47:43 +01:00
Server-localhost-firstSAN-sv.pubkey-pinned tests: avoid use of sha1 in certificates 2022-12-26 09:47:43 +01:00
Server-localhost-lastSAN-sv.crl tests: avoid use of sha1 in certificates 2022-12-26 09:47:43 +01:00
Server-localhost-lastSAN-sv.crt tests: avoid use of sha1 in certificates 2022-12-26 09:47:43 +01:00
Server-localhost-lastSAN-sv.csr tests: avoid use of sha1 in certificates 2022-12-26 09:47:43 +01:00
Server-localhost-lastSAN-sv.der tests: avoid use of sha1 in certificates 2022-12-26 09:47:43 +01:00
Server-localhost-lastSAN-sv.dhp
Server-localhost-lastSAN-sv.key tests: avoid use of sha1 in certificates 2022-12-26 09:47:43 +01:00
Server-localhost-lastSAN-sv.pem tests: avoid use of sha1 in certificates 2022-12-26 09:47:43 +01:00
Server-localhost-lastSAN-sv.prm tests: add authorityInfoAccess to generated certs 2022-11-26 00:11:57 +01:00
Server-localhost-lastSAN-sv.pub.der tests: avoid use of sha1 in certificates 2022-12-26 09:47:43 +01:00
Server-localhost-lastSAN-sv.pub.pem tests: avoid use of sha1 in certificates 2022-12-26 09:47:43 +01:00
Server-localhost-lastSAN-sv.pubkey-pinned tests: avoid use of sha1 in certificates 2022-12-26 09:47:43 +01:00
Server-localhost-sv.crl tests: avoid use of sha1 in certificates 2022-12-26 09:47:43 +01:00
Server-localhost-sv.crt tests: avoid use of sha1 in certificates 2022-12-26 09:47:43 +01:00
Server-localhost-sv.csr tests: avoid use of sha1 in certificates 2022-12-26 09:47:43 +01:00
Server-localhost-sv.der tests: avoid use of sha1 in certificates 2022-12-26 09:47:43 +01:00
Server-localhost-sv.dhp
Server-localhost-sv.key tests: avoid use of sha1 in certificates 2022-12-26 09:47:43 +01:00
Server-localhost-sv.pem tests: avoid use of sha1 in certificates 2022-12-26 09:47:43 +01:00
Server-localhost-sv.prm tests: add authorityInfoAccess to generated certs 2022-11-26 00:11:57 +01:00
Server-localhost-sv.pub.der tests: avoid use of sha1 in certificates 2022-12-26 09:47:43 +01:00
Server-localhost-sv.pub.pem tests: avoid use of sha1 in certificates 2022-12-26 09:47:43 +01:00
Server-localhost-sv.pubkey-pinned tests: avoid use of sha1 in certificates 2022-12-26 09:47:43 +01:00
Server-localhost.nn-sv.crl tests: avoid use of sha1 in certificates 2022-12-26 09:47:43 +01:00
Server-localhost.nn-sv.crt tests: avoid use of sha1 in certificates 2022-12-26 09:47:43 +01:00
Server-localhost.nn-sv.csr tests: avoid use of sha1 in certificates 2022-12-26 09:47:43 +01:00
Server-localhost.nn-sv.der tests: avoid use of sha1 in certificates 2022-12-26 09:47:43 +01:00
Server-localhost.nn-sv.dhp
Server-localhost.nn-sv.key tests: avoid use of sha1 in certificates 2022-12-26 09:47:43 +01:00
Server-localhost.nn-sv.pem tests: avoid use of sha1 in certificates 2022-12-26 09:47:43 +01:00
Server-localhost.nn-sv.prm tests: add authorityInfoAccess to generated certs 2022-11-26 00:11:57 +01:00
Server-localhost.nn-sv.pub.der tests: avoid use of sha1 in certificates 2022-12-26 09:47:43 +01:00
Server-localhost.nn-sv.pub.pem tests: avoid use of sha1 in certificates 2022-12-26 09:47:43 +01:00
Server-localhost.nn-sv.pubkey-pinned tests: avoid use of sha1 in certificates 2022-12-26 09:47:43 +01:00
srp-verifier-conf
srp-verifier-db
stunnel-sv.crl tests: avoid use of sha1 in certificates 2022-12-26 09:47:43 +01:00
stunnel-sv.crt tests: avoid use of sha1 in certificates 2022-12-26 09:47:43 +01:00
stunnel-sv.csr tests: avoid use of sha1 in certificates 2022-12-26 09:47:43 +01:00
stunnel-sv.der tests: avoid use of sha1 in certificates 2022-12-26 09:47:43 +01:00
stunnel-sv.dhp tests: add authorityInfoAccess to generated certs 2022-11-26 00:11:57 +01:00
stunnel-sv.key tests: avoid use of sha1 in certificates 2022-12-26 09:47:43 +01:00
stunnel-sv.pem tests: avoid use of sha1 in certificates 2022-12-26 09:47:43 +01:00
stunnel-sv.prm tests: add authorityInfoAccess to generated certs 2022-11-26 00:11:57 +01:00
stunnel-sv.pub.der tests: avoid use of sha1 in certificates 2022-12-26 09:47:43 +01:00
stunnel-sv.pub.pem tests: avoid use of sha1 in certificates 2022-12-26 09:47:43 +01:00
stunnel-sv.pubkey-pinned tests: avoid use of sha1 in certificates 2022-12-26 09:47:43 +01:00