wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Fix generation of expired CA certificate.

Browse source 
Reviewed-by: Richard Levitte <levitte@openssl.org>
This commit is contained in:
Dr. Stephen Henson 2016-06-22 18:09:42 +01:00
parent 768a3eca39
commit b58614d7f5
2 changed files with 4 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
test/certs/mkcert.sh
View file

@ -8,7 +8,9 @@
# 100 years should be enough for now
#
DAYS=36525
if [ -z "$DAYS" ]; then
DAYS=36525
fi
if [ -z "$OPENSSL_SIGALG" ]; then
OPENSSL_SIGALG=sha256

2
test/certs/setup.sh
View file

@ -86,7 +86,7 @@ openssl x509 -in sroot-cert.pem -trustout \
./mkcert.sh genca "CA" ca-key2 ca-cert2 root-key root-cert
./mkcert.sh genca "CA2" ca-key ca-name2 root-key root-cert
./mkcert.sh genca "CA" ca-key ca-root2 root-key2 root-cert2
./mkcert.sh genca "CA" ca-key ca-expired root-key root-cert -days -1
DAYS=-1 ./mkcert.sh genca "CA" ca-key ca-expired root-key root-cert
#
openssl x509 -in ca-cert.pem -trustout \
-addtrust serverAuth -out ca+serverAuth.pem