mirror/curl
2
0
Fork 0
mirror of https://github.com/curl/curl.git synced 2024-12-15 06:40:09 +08:00
Code Issues Packages Projects Releases Wiki Activity
f27262b179
curl/tests/certs
History
Paul Howarth ef07452a5c
tests: avoid use of sha1 in certificates 
The SHA-1 algorithm is deprecated (particularly for security-sensitive
applications) in a variety of OS environments. This already affects
RHEL-9 and derivatives, which are not willing to use certificates using
that algorithm. The fix is to use sha256 instead, which is already used
for most of the other certificates in the test suite.

Fixes #10135

This gets rid of issues related to sha1 signatures.

Manual steps after "make clean-certs" and "make build-certs":

- Copy tests/certs/stunnel-sv.pem to tests/stunnel.pem
  (make clean-certs does not remove the original tests/stunnel.pem)

- Copy tests/certs/Server-localhost-sv.pubkey-pinned into --pinnedpubkey
  options of tests/data/test2041 and tests/data/test2087

Closes #10153
2022-12-26 09:47:43 +01:00
..
scripts tests: avoid use of sha1 in certificates 2022-12-26 09:47:43 +01:00
.gitignore tests: add authorityInfoAccess to generated certs 2022-11-26 00:11:57 +01:00
EdelCurlRoot-ca.cacert tests: avoid use of sha1 in certificates 2022-12-26 09:47:43 +01:00
EdelCurlRoot-ca.cnf tests: avoid use of sha1 in certificates 2022-12-26 09:47:43 +01:00
EdelCurlRoot-ca.crt tests: avoid use of sha1 in certificates 2022-12-26 09:47:43 +01:00
EdelCurlRoot-ca.csr tests: avoid use of sha1 in certificates 2022-12-26 09:47:43 +01:00
EdelCurlRoot-ca.der tests: avoid use of sha1 in certificates 2022-12-26 09:47:43 +01:00
EdelCurlRoot-ca.key tests: avoid use of sha1 in certificates 2022-12-26 09:47:43 +01:00
EdelCurlRoot-ca.prm tests: add authorityInfoAccess to generated certs 2022-11-26 00:11:57 +01:00
Makefile.am tests: avoid use of sha1 in certificates 2022-12-26 09:47:43 +01:00
Server-localhost0h-sv.crl tests: avoid use of sha1 in certificates 2022-12-26 09:47:43 +01:00
Server-localhost0h-sv.crt tests: avoid use of sha1 in certificates 2022-12-26 09:47:43 +01:00
Server-localhost0h-sv.csr tests: avoid use of sha1 in certificates 2022-12-26 09:47:43 +01:00
Server-localhost0h-sv.der tests: avoid use of sha1 in certificates 2022-12-26 09:47:43 +01:00
Server-localhost0h-sv.dhp tests/certs: rebuild certificates with modified key usage bits 2015-03-21 16:33:58 +01:00
Server-localhost0h-sv.key tests: avoid use of sha1 in certificates 2022-12-26 09:47:43 +01:00
Server-localhost0h-sv.pem tests: avoid use of sha1 in certificates 2022-12-26 09:47:43 +01:00
Server-localhost0h-sv.prm tests: add authorityInfoAccess to generated certs 2022-11-26 00:11:57 +01:00
Server-localhost0h-sv.pub.der tests: avoid use of sha1 in certificates 2022-12-26 09:47:43 +01:00
Server-localhost0h-sv.pub.pem tests: avoid use of sha1 in certificates 2022-12-26 09:47:43 +01:00
Server-localhost0h-sv.pubkey-pinned tests: avoid use of sha1 in certificates 2022-12-26 09:47:43 +01:00
Server-localhost-firstSAN-sv.crl tests: avoid use of sha1 in certificates 2022-12-26 09:47:43 +01:00
Server-localhost-firstSAN-sv.crt tests: avoid use of sha1 in certificates 2022-12-26 09:47:43 +01:00
Server-localhost-firstSAN-sv.csr tests: avoid use of sha1 in certificates 2022-12-26 09:47:43 +01:00
Server-localhost-firstSAN-sv.der tests: avoid use of sha1 in certificates 2022-12-26 09:47:43 +01:00
Server-localhost-firstSAN-sv.dhp schannel: add support for CURLOPT_CAINFO 2018-04-18 03:59:47 -04:00
Server-localhost-firstSAN-sv.key tests: avoid use of sha1 in certificates 2022-12-26 09:47:43 +01:00
Server-localhost-firstSAN-sv.pem tests: avoid use of sha1 in certificates 2022-12-26 09:47:43 +01:00
Server-localhost-firstSAN-sv.prm tests: add authorityInfoAccess to generated certs 2022-11-26 00:11:57 +01:00
Server-localhost-firstSAN-sv.pub.der tests: avoid use of sha1 in certificates 2022-12-26 09:47:43 +01:00
Server-localhost-firstSAN-sv.pub.pem tests: avoid use of sha1 in certificates 2022-12-26 09:47:43 +01:00
Server-localhost-firstSAN-sv.pubkey-pinned tests: avoid use of sha1 in certificates 2022-12-26 09:47:43 +01:00
Server-localhost-lastSAN-sv.crl tests: avoid use of sha1 in certificates 2022-12-26 09:47:43 +01:00
Server-localhost-lastSAN-sv.crt tests: avoid use of sha1 in certificates 2022-12-26 09:47:43 +01:00
Server-localhost-lastSAN-sv.csr tests: avoid use of sha1 in certificates 2022-12-26 09:47:43 +01:00
Server-localhost-lastSAN-sv.der tests: avoid use of sha1 in certificates 2022-12-26 09:47:43 +01:00
Server-localhost-lastSAN-sv.dhp schannel: add support for CURLOPT_CAINFO 2018-04-18 03:59:47 -04:00
Server-localhost-lastSAN-sv.key tests: avoid use of sha1 in certificates 2022-12-26 09:47:43 +01:00
Server-localhost-lastSAN-sv.pem tests: avoid use of sha1 in certificates 2022-12-26 09:47:43 +01:00
Server-localhost-lastSAN-sv.prm tests: add authorityInfoAccess to generated certs 2022-11-26 00:11:57 +01:00
Server-localhost-lastSAN-sv.pub.der tests: avoid use of sha1 in certificates 2022-12-26 09:47:43 +01:00
Server-localhost-lastSAN-sv.pub.pem tests: avoid use of sha1 in certificates 2022-12-26 09:47:43 +01:00
Server-localhost-lastSAN-sv.pubkey-pinned tests: avoid use of sha1 in certificates 2022-12-26 09:47:43 +01:00
Server-localhost-sv.crl tests: avoid use of sha1 in certificates 2022-12-26 09:47:43 +01:00
Server-localhost-sv.crt tests: avoid use of sha1 in certificates 2022-12-26 09:47:43 +01:00
Server-localhost-sv.csr tests: avoid use of sha1 in certificates 2022-12-26 09:47:43 +01:00
Server-localhost-sv.der tests: avoid use of sha1 in certificates 2022-12-26 09:47:43 +01:00
Server-localhost-sv.dhp tests/certs: rebuild certificates with modified key usage bits 2015-03-21 16:33:58 +01:00
Server-localhost-sv.key tests: avoid use of sha1 in certificates 2022-12-26 09:47:43 +01:00
Server-localhost-sv.pem tests: avoid use of sha1 in certificates 2022-12-26 09:47:43 +01:00
Server-localhost-sv.prm tests: add authorityInfoAccess to generated certs 2022-11-26 00:11:57 +01:00
Server-localhost-sv.pub.der tests: avoid use of sha1 in certificates 2022-12-26 09:47:43 +01:00
Server-localhost-sv.pub.pem tests: avoid use of sha1 in certificates 2022-12-26 09:47:43 +01:00
Server-localhost-sv.pubkey-pinned tests: avoid use of sha1 in certificates 2022-12-26 09:47:43 +01:00
Server-localhost.nn-sv.crl tests: avoid use of sha1 in certificates 2022-12-26 09:47:43 +01:00
Server-localhost.nn-sv.crt tests: avoid use of sha1 in certificates 2022-12-26 09:47:43 +01:00
Server-localhost.nn-sv.csr tests: avoid use of sha1 in certificates 2022-12-26 09:47:43 +01:00
Server-localhost.nn-sv.der tests: avoid use of sha1 in certificates 2022-12-26 09:47:43 +01:00
Server-localhost.nn-sv.dhp tests/certs: rebuild certificates with modified key usage bits 2015-03-21 16:33:58 +01:00
Server-localhost.nn-sv.key tests: avoid use of sha1 in certificates 2022-12-26 09:47:43 +01:00
Server-localhost.nn-sv.pem tests: avoid use of sha1 in certificates 2022-12-26 09:47:43 +01:00
Server-localhost.nn-sv.prm tests: add authorityInfoAccess to generated certs 2022-11-26 00:11:57 +01:00
Server-localhost.nn-sv.pub.der tests: avoid use of sha1 in certificates 2022-12-26 09:47:43 +01:00
Server-localhost.nn-sv.pub.pem tests: avoid use of sha1 in certificates 2022-12-26 09:47:43 +01:00
Server-localhost.nn-sv.pubkey-pinned tests: avoid use of sha1 in certificates 2022-12-26 09:47:43 +01:00
srp-verifier-conf TLS-SRP: support added when using GnuTLS 2011-01-19 20:35:02 +01:00
srp-verifier-db TLS-SRP: support added when using GnuTLS 2011-01-19 20:35:02 +01:00
stunnel-sv.crl tests: avoid use of sha1 in certificates 2022-12-26 09:47:43 +01:00
stunnel-sv.crt tests: avoid use of sha1 in certificates 2022-12-26 09:47:43 +01:00
stunnel-sv.csr tests: avoid use of sha1 in certificates 2022-12-26 09:47:43 +01:00
stunnel-sv.der tests: avoid use of sha1 in certificates 2022-12-26 09:47:43 +01:00
stunnel-sv.dhp tests: add authorityInfoAccess to generated certs 2022-11-26 00:11:57 +01:00
stunnel-sv.key tests: avoid use of sha1 in certificates 2022-12-26 09:47:43 +01:00
stunnel-sv.pem tests: avoid use of sha1 in certificates 2022-12-26 09:47:43 +01:00
stunnel-sv.prm tests: add authorityInfoAccess to generated certs 2022-11-26 00:11:57 +01:00
stunnel-sv.pub.der tests: avoid use of sha1 in certificates 2022-12-26 09:47:43 +01:00
stunnel-sv.pub.pem tests: avoid use of sha1 in certificates 2022-12-26 09:47:43 +01:00
stunnel-sv.pubkey-pinned tests: avoid use of sha1 in certificates 2022-12-26 09:47:43 +01:00