add some default value to be compatible with libressl in test CA
This commit is contained in:
kakwa
parent
7f2d2cf4c1
commit
550f44d8c2
|
|
@ -4,6 +4,9 @@
|
|||
#
|
||||
#----------------------------------------------------------------------
|
||||
|
||||
DN_SECTION=dn_ca
|
||||
CN=DEFAULT
|
||||
|
||||
# Extensions required to a TSA certificate
|
||||
[ tsa_cert ]
|
||||
|
||||
|
|
@ -26,27 +29,22 @@ authorityKeyIdentifier=keyid,issuer:always
|
|||
#
|
||||
#----------------------------------------------------------------------
|
||||
|
||||
# Common properties of all the certificates/CA (CN, OU, etc...)
|
||||
[ dn_section ]
|
||||
countryName = FR
|
||||
stateOrProvinceName = Paris
|
||||
localityName = Paris
|
||||
organizationName = UTS-SERVER test
|
||||
|
||||
# CN is passed through environment variable "CN"
|
||||
commonName = $ENV::CN
|
||||
|
||||
|
||||
# OpenSSL parameters for certificate requests generation
|
||||
[ req ]
|
||||
default_bits = 4096
|
||||
default_md = sha512
|
||||
distinguished_name = dn_section
|
||||
distinguished_name = $ENV::DN_SECTION
|
||||
encrypt_rsa_key = no
|
||||
prompt = no
|
||||
# The extentions to add to the self signed cert
|
||||
x509_extensions = v3_ca
|
||||
|
||||
# Common properties of the CA
|
||||
[ dn_ca ]
|
||||
countryName = FR
|
||||
stateOrProvinceName = Paris
|
||||
localityName = Paris
|
||||
organizationName = UTS-SERVER CA
|
||||
|
||||
# Extensions for a typical CA
|
||||
[ v3_ca ]
|
||||
|
|
@ -55,3 +53,12 @@ subjectKeyIdentifier=hash
|
|||
authorityKeyIdentifier=keyid:always,issuer:always
|
||||
basicConstraints = critical,CA:true
|
||||
keyUsage = cRLSign, keyCertSign
|
||||
|
||||
# Common properties of all the certificates (CN, OU, etc...)
|
||||
[ dn_cert ]
|
||||
countryName = FR
|
||||
stateOrProvinceName = Paris
|
||||
localityName = Paris
|
||||
organizationName = UTS-SERVER test
|
||||
# CN is passed through environment variable "CN"
|
||||
commonName = $ENV::CN
|
||||
|
|
|
|||
|
|
@ -12,9 +12,11 @@ error () {
|
|||
|
||||
|
||||
create_ca () {
|
||||
|
||||
echo "Creating a new CA for the TSA tests..."
|
||||
export CN="UTS-SERVER CA"
|
||||
CN="UTS-SERVER CA"
|
||||
DN_SECTION="dn_ca"
|
||||
export CN
|
||||
export DN_SECTION
|
||||
openssl req -new -x509 -nodes \
|
||||
-out tsaca.pem -keyout tsacakey.pem
|
||||
test $? != 0 && error
|
||||
|
|
@ -24,6 +26,7 @@ create_tsa_cert () {
|
|||
EXT=$3
|
||||
INDEX=$2
|
||||
CN=$1; export CN
|
||||
DN_SECTION="dn_cert";export DN_SECTION
|
||||
|
||||
openssl req -new \
|
||||
-out tsa_req${INDEX}.pem -keyout tsa_key${INDEX}.pem
|
||||
|
|
@ -41,8 +44,7 @@ create_cert () {
|
|||
|
||||
INDEX=$2
|
||||
export INDEX
|
||||
TSDNSECT=ts_cert_dn
|
||||
export TSDNSECT
|
||||
DN_SECTION="dn_cert";export DN_SECTION
|
||||
|
||||
openssl req -new \
|
||||
-out tsa_req${INDEX}.pem -keyout ssl_key${INDEX}.pem
|
||||
|
|
|
|||
Loading…
Reference in New Issue