Commit 38c304a5 authored by Dan Fandrich's avatar Dan Fandrich
Browse files

tests/certs: added make target to rebuild certificates 

The certificate generation scripts were also updated to better match the
format of the certificates currently checked in.
parent 9cd4d651

tests/certs/Makefile.am

+28 −7
Original line number Diff line number Diff line
@@ -23,14 +23,19 @@ AUTOMAKE_OPTIONS = foreign 


SUBDIRS = scripts



CERTFILES = \

  EdelCurlRoot-ca.cacert \

CERTCONFIGS = \

  EdelCurlRoot-ca.prm \

  EdelCurlRoot-ca.cnf \

  Server-localhost-sv.prm \

  Server-localhost.nn-sv.prm \

  Server-localhost0h-sv.prm



GENERATEDCERTS = \

  EdelCurlRoot-ca.cacert \

  EdelCurlRoot-ca.crt \

  EdelCurlRoot-ca.csr \

  EdelCurlRoot-ca.der \

  EdelCurlRoot-ca.key \

  EdelCurlRoot-ca.prm \

  Server-localhost-sv.crl \

  Server-localhost-sv.crt \

  Server-localhost-sv.csr \
@@ -39,7 +44,6 @@ CERTFILES = \ 
  Server-localhost-sv.key \

  Server-localhost-sv.p12 \

  Server-localhost-sv.pem \

  Server-localhost-sv.prm \

  Server-localhost-sv.pub.der \

  Server-localhost-sv.pub.pem \

  Server-localhost.nn-sv.crl \
@@ -49,7 +53,6 @@ CERTFILES = \ 
  Server-localhost.nn-sv.dhp \

  Server-localhost.nn-sv.key \

  Server-localhost.nn-sv.pem \

  Server-localhost.nn-sv.prm \

  Server-localhost.nn-sv.pub.der \

  Server-localhost.nn-sv.pub.pem \

  Server-localhost0h-sv.crl \
@@ -60,7 +63,6 @@ CERTFILES = \ 
  Server-localhost0h-sv.key \

  Server-localhost0h-sv.p12 \

  Server-localhost0h-sv.pem \

  Server-localhost0h-sv.prm \

  Server-localhost0h-sv.pub.der \

  Server-localhost0h-sv.pub.pem
@@ -68,5 +70,24 @@ SRPFILES = \ 
  srp-verifier-conf \

  srp-verifier-db



EXTRA_DIST = $(CERTFILES) $(SRPFILES)

EXTRA_DIST = $(CERTCONFIGS) $(GENERATEDCERTS) $(SRPFILES)



# Rebuild the certificates



clean-certs:

	cd $(srcdir); rm -f $(GENERATEDCERTS)



build-certs: $(srcdir)/EdelCurlRoot-ca.cacert $(srcdir)/Server-localhost-sv.pem \

	$(srcdir)/Server-localhost.nn-sv.pem $(srcdir)/Server-localhost0h-sv.pem



$(srcdir)/EdelCurlRoot-ca.cacert:

	cd $(srcdir); scripts/genroot.sh EdelCurlRoot



$(srcdir)/Server-localhost-sv.pem: $(srcdir)/EdelCurlRoot-ca.cacert

	cd $(srcdir); scripts/genserv.sh Server-localhost EdelCurlRoot



$(srcdir)/Server-localhost.nn-sv.pem: $(srcdir)/EdelCurlRoot-ca.cacert

	cd $(srcdir); scripts/genserv.sh Server-localhost.nn EdelCurlRoot



$(srcdir)/Server-localhost0h-sv.pem: $(srcdir)/EdelCurlRoot-ca.cacert

	cd $(srcdir); scripts/genserv.sh Server-localhost0h EdelCurlRoot

tests/certs/scripts/genroot.sh

+4 −4
Original line number Diff line number Diff line
@@ -50,15 +50,15 @@ echo "openssl x509 -set_serial $SERIAL -extfile $PREFIX-ca.prm -days $DURATION - 


$OPENSSL x509  -set_serial $SERIAL -extfile $PREFIX-ca.prm -days $DURATION -req -signkey $PREFIX-ca.key -in $PREFIX-ca.csr -out $PREFIX-$SERIAL-ca.cacert -sha1



echo "openssl x509 -text -hash -out $PREFIX-ca.cacert -in $PREFIX-$SERIAL-ca.cacert -nameopt multiline"

$OPENSSL x509 -text -hash -out $PREFIX-ca.cacert -in $PREFIX-$SERIAL-ca.cacert -nameopt multiline

echo "openssl x509 -text -in $PREFIX-$SERIAL-ca.cacert -nameopt multiline > $PREFIX-ca.cacert "

$OPENSSL x509 -text -in $PREFIX-$SERIAL-ca.cacert -nameopt multiline > $PREFIX-ca.cacert



echo "openssl x509 -in $PREFIX-ca.cacert -outform der -out $PREFIX-ca.der "

$OPENSSL x509 -in $PREFIX-ca.cacert -outform der -out $PREFIX-ca.der



echo "openssl x509 -in $PREFIX-ca.cacert -text -out $PREFIX-ca.crt -nameopt multiline"

echo "openssl x509 -in $PREFIX-ca.cacert -text -nameopt multiline > $PREFIX-ca.crt "



$OPENSSL x509 -in $PREFIX-ca.cacert -text -out $PREFIX-ca.crt -nameopt multiline

$OPENSSL x509 -in $PREFIX-ca.cacert -text -nameopt multiline > $PREFIX-ca.crt



echo "openssl x509 -noout -text -in $PREFIX-ca.cacert -nameopt multiline"

$OPENSSL x509 -noout -text -in $PREFIX-ca.cacert -nameopt multiline

tests/certs/scripts/genserv.sh

+2 −2
Original line number Diff line number Diff line
@@ -81,9 +81,9 @@ $OPENSSL rsa -in $PREFIX-sv.key -pubout -outform DER -out $PREFIX-sv.pub.der 
echo "openssl rsa -in $PREFIX-sv.key -pubout -outform PEM -out $PREFIX-sv.pub.pem"

$OPENSSL rsa -in $PREFIX-sv.key -pubout -outform PEM -out $PREFIX-sv.pub.pem



echo "openssl x509 -set_serial $SERIAL -extfile $PREFIX-sv.prm -days $DURATION  -CA $CAPREFIX-ca.cacert -CAkey $CAPREFIX-ca.key -in $PREFIX-sv.csr -req -out $PREFIX-sv.crt -text -nameopt multiline -sha1"

echo "openssl x509 -set_serial $SERIAL -extfile $PREFIX-sv.prm -days $DURATION  -CA $CAPREFIX-ca.cacert -CAkey $CAPREFIX-ca.key -in $PREFIX-sv.csr -req -text -nameopt multiline -sha1 > $PREFIX-sv.crt "



$OPENSSL x509 -set_serial $SERIAL -extfile $PREFIX-sv.prm -days $DURATION  -CA $CAPREFIX-ca.cacert -CAkey $CAPREFIX-ca.key -in $PREFIX-sv.csr -req -out $PREFIX-sv.crt -text -nameopt multiline -sha1

$OPENSSL x509 -set_serial $SERIAL -extfile $PREFIX-sv.prm -days $DURATION  -CA $CAPREFIX-ca.cacert -CAkey $CAPREFIX-ca.key -in $PREFIX-sv.csr -req -text -nameopt multiline -sha1 > $PREFIX-sv.crt



if [ "$P12." = YES. ] ; then