diff options
| author | Guilhem Moulin <guilhem@debian.org> | 2022-02-27 16:54:38 +0100 |
|---|---|---|
| committer | Guilhem Moulin <guilhem@debian.org> | 2022-02-27 16:54:38 +0100 |
| commit | 3656ac995b07c5cdeb881b88f371abf38cfb0bc4 (patch) | |
| tree | 4365cb82a3fb51decc6a1e2547b0e755df31456c /tests/certs | |
| parent | 1c596d75696e8342e9b489ba0bc7b5e7009fa90e (diff) | |
| parent | 8ad5e5a218253a76eabf36bfd83f9e1a2a708377 (diff) | |
Merge tag 'v0.5.7' into debian/latest
Release version 0.5.7
Diffstat (limited to 'tests/certs')
| -rwxr-xr-x | tests/certs/generate | 18 | ||||
| -rw-r--r-- | tests/certs/openssl.cnf | 4 |
2 files changed, 17 insertions, 5 deletions
diff --git a/tests/certs/generate b/tests/certs/generate index de379a0..8e9c451 100755 --- a/tests/certs/generate +++ b/tests/certs/generate @@ -8,12 +8,20 @@ BASEDIR="$(dirname -- "$0")" OU="InterIMAP test suite" cd "$BASEDIR" +OPENSSL_CONF="./openssl.cnf" +export OPENSSL_CONF + cadir="$(mktemp --tmpdir --directory)" trap 'rm -rf -- "$cadir"' EXIT INT TERM +genpkey() { + local key="$1" + shift + openssl genpkey -out "$key" "$@" 2>&1 +} # generate CA (we intentionally throw away the private key and serial # file to avoid reuse) -openssl genpkey -algorithm RSA -out "$cadir/ca.key" +genpkey "$cadir/ca.key" -algorithm RSA openssl req -new -x509 -rand /dev/urandom -subj "/OU=$OU/CN=Fake Root CA" -key "$cadir/ca.key" -out ./ca.crt SERIAL=1 @@ -31,14 +39,14 @@ new() { printf "subjectAltName = %s\\n" "$3" >>"$cadir/new-ext.cnf" fi openssl x509 -req -in "$cadir/new.csr" -CA ./ca.crt -CAkey "$cadir/ca.key" \ - -CAserial "$cadir/ca.srl" -CAcreateserial -extfile "$cadir/new-ext.cnf" + -CAserial "$cadir/ca.srl" -CAcreateserial -extfile "$cadir/new-ext.cnf" 2>&1 } -openssl genpkey -algorithm RSA -out ./dovecot.rsa.key +genpkey ./dovecot.rsa.key -algorithm RSA new ./dovecot.rsa.key "localhost" "DNS:localhost,DNS:ip6-localhost,IP:127.0.0.1,IP:::1" >./dovecot.rsa.crt -openssl genpkey -algorithm EC -pkeyopt ec_paramgen_curve:P-256 -pkeyopt ec_param_enc:named_curve -out ./dovecot.ecdsa.key +genpkey ./dovecot.ecdsa.key -algorithm EC -pkeyopt ec_paramgen_curve:P-256 -pkeyopt ec_param_enc:named_curve new ./dovecot.ecdsa.key "localhost" >./dovecot.ecdsa.crt -openssl genpkey -algorithm RSA -out ./dovecot.rsa2.key +genpkey ./dovecot.rsa2.key -algorithm RSA new ./dovecot.rsa2.key "imap.example.net" "DNS:imap.example.net,DNS:localhost" >./dovecot.rsa2.crt diff --git a/tests/certs/openssl.cnf b/tests/certs/openssl.cnf new file mode 100644 index 0000000..b1af7b8 --- /dev/null +++ b/tests/certs/openssl.cnf @@ -0,0 +1,4 @@ +[ req ] +distinguished_name = req_distinguished_name + +[ req_distinguished_name ] |