security-and-privacy/uts-server
security-and-privacy/uts-server
1
0
Fork 0
mirror of https://github.com/kakwa/uts-server synced 2024-12-04 23:15:54 +01:00
Code Issues Releases Wiki Activity

add some default value to be compatible with libressl in test CA

Browse Source
This commit is contained in:
kakwa 2017-06-21 20:06:13 +02:00
parent 7f2d2cf4c1
commit 550f44d8c2
2 changed files with 25 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

31
tests/cfg/pki/CAtsa.cnf
View File

@ -4,6 +4,9 @@
# #
#---------------------------------------------------------------------- #----------------------------------------------------------------------
DN_SECTION=dn_ca
CN=DEFAULT
# Extensions required to a TSA certificate # Extensions required to a TSA certificate
[ tsa_cert ] [ tsa_cert ]
@ -26,27 +29,22 @@ authorityKeyIdentifier=keyid,issuer:always
# #
#---------------------------------------------------------------------- #----------------------------------------------------------------------
# Common properties of all the certificates/CA (CN, OU, etc...)
[ dn_section ]
countryName = FR
stateOrProvinceName = Paris
localityName = Paris
organizationName = UTS-SERVER test
# CN is passed through environment variable "CN"
commonName = $ENV::CN
# OpenSSL parameters for certificate requests generation # OpenSSL parameters for certificate requests generation
[ req ] [ req ]
default_bits = 4096 default_bits = 4096
default_md = sha512 default_md = sha512
distinguished_name = dn_section distinguished_name = $ENV::DN_SECTION
encrypt_rsa_key = no encrypt_rsa_key = no
prompt = no prompt = no
# The extentions to add to the self signed cert # The extentions to add to the self signed cert
x509_extensions = v3_ca x509_extensions = v3_ca
# Common properties of the CA
[ dn_ca ]
countryName = FR
stateOrProvinceName = Paris
localityName = Paris
organizationName = UTS-SERVER CA
# Extensions for a typical CA # Extensions for a typical CA
[ v3_ca ] [ v3_ca ]
@ -55,3 +53,12 @@ subjectKeyIdentifier=hash
authorityKeyIdentifier=keyid:always,issuer:always authorityKeyIdentifier=keyid:always,issuer:always
basicConstraints = critical,CA:true basicConstraints = critical,CA:true
keyUsage = cRLSign, keyCertSign keyUsage = cRLSign, keyCertSign
# Common properties of all the certificates (CN, OU, etc...)
[ dn_cert ]
countryName = FR
stateOrProvinceName = Paris
localityName = Paris
organizationName = UTS-SERVER test
# CN is passed through environment variable "CN"
commonName = $ENV::CN

10
tests/cfg/pki/create_tsa_certs
View File

@ -12,9 +12,11 @@ error () {
create_ca () { create_ca () {
echo "Creating a new CA for the TSA tests..." echo "Creating a new CA for the TSA tests..."
export CN="UTS-SERVER CA" CN="UTS-SERVER CA"
DN_SECTION="dn_ca"
export CN
export DN_SECTION
openssl req -new -x509 -nodes \ openssl req -new -x509 -nodes \
-out tsaca.pem -keyout tsacakey.pem -out tsaca.pem -keyout tsacakey.pem
test $? != 0 && error test $? != 0 && error
@ -24,6 +26,7 @@ create_tsa_cert () {
EXT=$3 EXT=$3
INDEX=$2 INDEX=$2
CN=$1; export CN CN=$1; export CN
DN_SECTION="dn_cert";export DN_SECTION
openssl req -new \ openssl req -new \
-out tsa_req${INDEX}.pem -keyout tsa_key${INDEX}.pem -out tsa_req${INDEX}.pem -keyout tsa_key${INDEX}.pem
@ -41,8 +44,7 @@ create_cert () {
INDEX=$2 INDEX=$2
export INDEX export INDEX
TSDNSECT=ts_cert_dn DN_SECTION="dn_cert";export DN_SECTION
export TSDNSECT
openssl req -new \ openssl req -new \
-out tsa_req${INDEX}.pem -keyout ssl_key${INDEX}.pem -out tsa_req${INDEX}.pem -keyout ssl_key${INDEX}.pem