add copies of CAs in case the openssl is new to make the openssl s_client work

diff --git a/bin/generate-test-certificates.sh b/bin/generate-test-certificates.sh
index 4fb5617..ab69ff0 100755 (executable)
--- a/bin/generate-test-certificates.sh
+++ b/bin/generate-test-certificates.sh
@@ -515,11 +515,13 @@ function add_ca_grid_sec {
         mkdir -p 'grid-security/certificates-slashwithoutnamespaces'
     fi
     if [ x"`openssl version`" \< x"OpenSSL 1.0.0" ]; then
-        hash=$(openssl x509 -hash -noout -in $1-ca/$1.cert)
+        hash=$(openssl x509 -subject_hash -noout -in $1-ca/$1.cert)
     else
-       if [ ${USENEWHASH} == 'no' ]; then
-            hash=$(openssl x509 -subject_hash_old -noout -in $1-ca/$1.cert)
-       fi
+       echo new openssl
+        hash=$(openssl x509 -subject_hash_old -noout -in $1-ca/$1.cert)
+       hash2=$(openssl x509 -subject_hash -noout -in $1-ca/$1.cert)    
+       echo old hash $hash
+       echo new hash $hash2
     fi
     cp $1-ca/$1.cert grid-security/certificates/${hash}.0
     cp $1-ca/$1.crl grid-security/certificates/${hash}.r0
@@ -701,6 +703,23 @@ EOF
 
     cp grid-security/certificates/${hash}.* grid-security/certificates-withoutCrl
     rm grid-security/certificates-withoutCrl/*.r0
+
+# copy all certs to their new hash if the openssl is using new hashes
+    if [ x${hash2} != "x" ]; then
+       for oldCa in `find grid-security -name ${hash}.0`; do
+           echo cp ${oldCa} `dirname ${oldCa}`/${hash2}.0
+           cp ${oldCa} `dirname ${oldCa}`/${hash2}.0
+       done
+        for oldCa in `find grid-security -name ${hash}.r0`; do
+            cp ${oldCa} `dirname ${oldCa}`/${hash2}.r0
+        done
+        for oldCa in `find grid-security -name ${hash}.signing_policy`; do
+            cp ${oldCa} `dirname ${oldCa}`/${hash2}.signing_policy
+        done
+        for oldCa in `find grid-security -name ${hash}.namespaces`; do
+            cp ${oldCa} `dirname ${oldCa}`/${hash2}.namespaces
+        done
+    fi
        
 }