add some default value to be compatible with libressl in test CA

2024-12-04 15:05:54 +01:00 · 2017-06-21 20:06:13 +02:00 · 2017-06-21 20:06:13 +02:00 · 550f44d8c2
commit 550f44d8c2
parent 7f2d2cf4c1
2 changed files with 25 additions and 16 deletions
--- a/tests/cfg/pki/CAtsa.cnf
+++ b/tests/cfg/pki/CAtsa.cnf
@ -4,6 +4,9 @@
 #
 #----------------------------------------------------------------------

+DN_SECTION=dn_ca
+CN=DEFAULT
+
 # Extensions required to a TSA certificate
 [ tsa_cert ]

@ -26,27 +29,22 @@ authorityKeyIdentifier=keyid,issuer:always
 #
 #----------------------------------------------------------------------

-# Common properties of all the certificates/CA (CN, OU, etc...)
-[ dn_section ]
-countryName			= FR
-stateOrProvinceName		= Paris
-localityName			= Paris
-organizationName		= UTS-SERVER test
-
-# CN is passed through environment variable "CN"
-commonName			= $ENV::CN
-
-
 # OpenSSL parameters for certificate requests generation
 [ req ]
 default_bits		= 4096
 default_md		= sha512
-distinguished_name	= dn_section
+distinguished_name	= $ENV::DN_SECTION
 encrypt_rsa_key		= no
 prompt 			= no
 # The extentions to add to the self signed cert
 x509_extensions	= v3_ca

+# Common properties of the CA
+[ dn_ca ]
+countryName			= FR
+stateOrProvinceName		= Paris
+localityName			= Paris
+organizationName		= UTS-SERVER CA

 # Extensions for a typical CA
 [ v3_ca ]
@ -55,3 +53,12 @@ subjectKeyIdentifier=hash
 authorityKeyIdentifier=keyid:always,issuer:always
 basicConstraints = critical,CA:true
 keyUsage = cRLSign, keyCertSign
+
+# Common properties of all the certificates (CN, OU, etc...)
+[ dn_cert ]
+countryName			= FR
+stateOrProvinceName		= Paris
+localityName			= Paris
+organizationName		= UTS-SERVER test
+# CN is passed through environment variable "CN"
+commonName			= $ENV::CN
--- a/tests/cfg/pki/create_tsa_certs
+++ b/tests/cfg/pki/create_tsa_certs
@ -12,9 +12,11 @@ error () {


 create_ca () {
-
    echo "Creating a new CA for the TSA tests..."
-    export CN="UTS-SERVER CA"
+    CN="UTS-SERVER CA"
+    DN_SECTION="dn_ca"
+    export CN
+    export DN_SECTION
    openssl req -new -x509 -nodes \
        -out tsaca.pem -keyout tsacakey.pem
    test $? != 0 && error
@ -24,6 +26,7 @@ create_tsa_cert () {
    EXT=$3
    INDEX=$2
    CN=$1; export CN
+    DN_SECTION="dn_cert";export DN_SECTION

    openssl req -new \
        -out tsa_req${INDEX}.pem -keyout tsa_key${INDEX}.pem
@ -41,8 +44,7 @@ create_cert () {

    INDEX=$2
    export INDEX
-    TSDNSECT=ts_cert_dn
-    export TSDNSECT
+    DN_SECTION="dn_cert";export DN_SECTION

    openssl req -new \
        -out tsa_req${INDEX}.pem -keyout ssl_key${INDEX}.pem