You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
34 lines
1.5 KiB
34 lines
1.5 KiB
From dd189f46b9e43392b842c4309c95dc7e71963261 Mon Sep 17 00:00:00 2001 |
|
From: Greg Hudson <ghudson@mit.edu> |
|
Date: Thu, 5 Oct 2017 12:54:13 -0400 |
|
Subject: [PATCH] Add test cert with no extensions |
|
|
|
Add commands to make-certs.sh to generate a test client certificate |
|
with no certificate extensions. Re-run make-certs.sh. |
|
|
|
ticket: 8562 |
|
(cherry-picked from commit 0d23835660ab131d244d395e4568969b5c0dc678) |
|
[rharwood@redhat.com: only backport the make-certs.sh changes] |
|
--- |
|
src/tests/dejagnu/pkinit-certs/make-certs.sh | 9 +++++++++ |
|
1 file changed, 9 insertions(+) |
|
|
|
diff --git a/src/tests/dejagnu/pkinit-certs/make-certs.sh b/src/tests/dejagnu/pkinit-certs/make-certs.sh |
|
index 0d8c2019a..23426af8a 100755 |
|
--- a/src/tests/dejagnu/pkinit-certs/make-certs.sh |
|
+++ b/src/tests/dejagnu/pkinit-certs/make-certs.sh |
|
@@ -163,5 +163,14 @@ SUBJECT=user openssl x509 -extfile openssl.cnf -extensions exts_upn3_client \ |
|
openssl pkcs12 -export -in user-upn3.pem -inkey privkey.pem \ |
|
-out user-upn3.p12 -passout pass: |
|
|
|
+# Generate a client certificate and PKCS#12 bundle with no PKINIT extensions. |
|
+SUBJECT=user openssl req -config openssl.cnf -new -subj /CN=user \ |
|
+ -key privkey.pem -out generic.csr |
|
+SUBJECT=user openssl x509 -set_serial 7 -days $DAYS -req -CA ca.pem \ |
|
+ -CAkey privkey.pem -out generic.pem -in generic.csr |
|
+openssl pkcs12 -export -in generic.pem -inkey privkey.pem -out generic.p12 \ |
|
+ -passout pass: |
|
+ |
|
# Clean up. |
|
rm -f openssl.cnf kdc.csr user.csr user-upn.csr user-upn2.csr user-upn3.csr |
|
+rm -f generic.csr
|
|
|