mirror/openssl
2
0
Fork 0
mirror of https://github.com/openssl/openssl.git synced 2025-04-06 20:20:50 +08:00
Code Issues Packages Projects Releases Wiki Activity

Fix a test_verify failure

Browse Source 
A recently added certificate in test/certs expired causing test_verify to fail.
This add a replacement certificate with a long expiry date.

Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12549)
This commit is contained in:
Matt Caswell 2020-07-28 15:28:06 +01:00
parent ef8980176d
commit 5cd9962272
2 changed files with 18 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

33
test/certs/ee-self-signed.pem
View File

@ -1,18 +1,19 @@
-----BEGIN CERTIFICATE-----
MIICzzCCAbegAwIBAgIUBP7iEKPlKuinZGQNFxSY3IBIb0swDQYJKoZIhvcNAQEL
BQAwGTEXMBUGA1UEAwwOZWUtc2VsZi1zaWduZWQwHhcNMjAwNjI4MTA1MTQ1WhcN
MjAwNzI4MTA1MTQ1WjAZMRcwFQYDVQQDDA5lZS1zZWxmLXNpZ25lZDCCASIwDQYJ
KoZIhvcNAQEBBQADggEPADCCAQoCggEBAKj/iVhhha7e2ywP1XP74reoG3p1YCvU
fTxzdrWu3pMvfySQbckc9Io4zZ+igBZWy7Qsu5PlFx//DcZD/jE0+CjYdemju4iC
76Ny4lNiBUVN4DGX76qdENJYDZ4GnjK7GwhWXWUPP2aOwjagEf/AWTX9SRzdHEIz
BniuBDgj5ed1Z9OUrVqpQB+sWRD1DMFkrUrExjVTs5ZqghsVi9GZq+Seb5Sq0pbl
V/uMkWSKPCQWxtIZvoJgEztisO0+HbPK+WvfMbl6nktHaKcpxz9K4iIntO+QY9fv
0HJJPlutuRvUK2+GaN3VcxK4Q8ncQQ+io0ZPi2eIhA9h/nk0H0qJH7cCAwEAAaMP
MA0wCwYDVR0PBAQDAgeAMA0GCSqGSIb3DQEBCwUAA4IBAQBiLmIUCGb+hmRGbmpO
lDqEwiRVdxHBs4OSb3IA9QgU1QKUDRqn7q27RRelmzTXllubZZcX3K6o+dunRW5G
d3f3FVr+3Z7wnmkQtC2y3NWtGuWNczss+6rMLzKvla5CjRiNPlSvluMNpcs7BJxI
ppk1LxlaiYlQkDW32OPyxzXWDNv1ZkphcOcoCkHAagnq9x1SszvLTjAlo5XpYrm5
CPgBOEnVwFCgne5Ab4QPTgkxPh/Ta508I/FKaPLJqci1EfGKipZkS7mMGTUJEeVK
wZrn4z7RiTfJ4PdqO5iv8eOpt03fqdPEXQWe8DrKyfGM6/e369FaXMFhcd2ZxZy2
WHoc
MIIDIjCCAgqgAwIBAgIUT99h/YrAdcDg3fdLy5UajB8e994wDQYJKoZIhvcNAQEL
BQAwGTEXMBUGA1UEAwwOZWUtc2VsZi1zaWduZWQwIBcNMjAwNzI4MTQxNjA4WhgP
MjEyMDA3MDQxNDE2MDhaMBkxFzAVBgNVBAMMDmVlLXNlbGYtc2lnbmVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqP+JWGGFrt7bLA/Vc/vit6gbenVg
K9R9PHN2ta7eky9/JJBtyRz0ijjNn6KAFlbLtCy7k+UXH/8NxkP+MTT4KNh16aO7
iILvo3LiU2IFRU3gMZfvqp0Q0lgNngaeMrsbCFZdZQ8/Zo7CNqAR/8BZNf1JHN0c
QjMGeK4EOCPl53Vn05StWqlAH6xZEPUMwWStSsTGNVOzlmqCGxWL0Zmr5J5vlKrS
luVX+4yRZIo8JBbG0hm+gmATO2Kw7T4ds8r5a98xuXqeS0dopynHP0riIie075Bj
1+/Qckk+W625G9Qrb4Zo3dVzErhDydxBD6KjRk+LZ4iED2H+eTQfSokftwIDAQAB
o2AwXjAdBgNVHQ4EFgQU55viKq2KbDrLdlHljgeYIpfhc6IwHwYDVR0jBBgwFoAU
55viKq2KbDrLdlHljgeYIpfhc6IwDwYDVR0TAQH/BAUwAwEB/zALBgNVHQ8EBAMC
B4AwDQYJKoZIhvcNAQELBQADggEBAGDEbS5kJArjjQNK02oxhQyz1dbDy23evRxm
WW/NtlJAQAgEMXoNo9fioj0L4cvDy40r87V6/RsV2eijwZEfwGloACif7v78w8QO
h4XiW9oGxcQkdMIYZLDVW9AZPDIkK5NHNfQaeAxCprAufYnRMv035UotLzCBRrkG
G2TIs45vRp/6mYFVtm0Nf9CFvu4dXH8W+GlBONG0FAiBW+JzgTr9OmrzfqJTEDrf
vv/hOiu8XvvlF5piPBqKE76rEvkXUSjgDZ2/Ju1fjqpV2I8Hz1Mj9w9tRE8g4E9o
ZcRXX3MNPaHxnNhgYSPdpywwkyILz2AHwmAzh07cdttRFFPw+fM=
-----END CERTIFICATE-----

2
test/certs/setup.sh
View File

@ -186,7 +186,7 @@ OPENSSL_KEYBITS=768 \
./mkcert.sh genee server.example ee-key-768 ee-cert-768 ca-key ca-cert
# self-signed end-entity cert with explicit keyUsage not including KeyCertSign
openssl req -new -x509 -key ee-key.pem -subj /CN=ee-self-signed -out ee-self-signed.pem -addext keyUsage=digitalSignature
openssl req -new -x509 -key ee-key.pem -subj /CN=ee-self-signed -out ee-self-signed.pem -addext keyUsage=digitalSignature -days 36500
# Proxy certificates, off of ee-client
# Start with some good ones