Updated all configuration files for test certs and proxies.

diff --git a/test/big-ca/ca_conf.cnf b/test/big-ca/ca_conf.cnf
index 6bafc6c..c9174e6 100644 (file)
--- a/test/big-ca/ca_conf.cnf
+++ b/test/big-ca/ca_conf.cnf
@@ -45,9 +45,15 @@ nsComment                    = "OpenSSL Generated Client Server Certificate"
 # and for everything including object signing:\r
 # nsCertType = client, email, objsign\r
 \r
-[ ca_client_flags ]\r
+[ ca_fclient ]\r
 # This is typical in keyUsage for a client certificate.\r
 keyUsage = nonRepudiation, digitalSignature, keyEncipherment\r
 \r
 # This will be displayed in Netscape's comment listbox.\r
 nsComment                      = "OpenSSL Generated Client Certificate with Flags"\r
+\r
+[ ca_none ]\r
+nsComment                      = "OpenSSL Generated Client Certificate with Flags"\r
+\r
+[ proxy_none ]\r
+keyUsage=critical,digitalSignature,keyEncipherment\r

diff --git a/test/big-ca/req_conf.cnf b/test/big-ca/req_conf.cnf
index 28ea218..7c30db9 100644 (file)
--- a/test/big-ca/req_conf.cnf
+++ b/test/big-ca/req_conf.cnf
@@ -25,7 +25,9 @@ commonName                     = $ENV::CN
 [ req_attributes ]\r
 #challengePassword              = $ENV::PASSWORD\r
 \r
-[ CA_cert]\r
+[ CA_cert ]\r
 basicConstraints = CA:true\r
 subjectKeyIdentifier=hash\r
 authorityKeyIdentifier=keyid:always,issuer:always\r
+\r
+[ proxy_none ]\r

diff --git a/test/big-ca/req_proxy_conf.cnf b/test/big-ca/req_proxy_conf.cnf
index 54d9e4d..61a1812 100644 (file)
--- a/test/big-ca/req_proxy_conf.cnf
+++ b/test/big-ca/req_proxy_conf.cnf
@@ -1,13 +1,26 @@
+[ca]
+default_ca = CA_default
+
+[CA_default]
+dir = $ENV::CA_DIR
+database = $dir/index.txt
+serial = $dir/serial.txt
+
+certificate = $dir/$ENV::CATYPE.cert
+private_key = $dir/$ENV::CATYPE.priv
+
 [ req ]
+
 default_bits           = 1024
 default_keyfile        = keyfile.pem
 distinguished_name     = req_distinguished_name
 attributes             = req_attributes
 prompt                 = no
 output_password        = $ENV::PASSWORD
-ca_cert                     = CA_cert
+# ca_cert                   = CA_cert
 
 [ req_distinguished_name ]
+
 countryName                    = UG
 
 #stateOrProvinceName          = South area
@@ -25,9 +38,9 @@ organizationalUnitName         = Relaxation
 #emailAddress                   = Email Address
 
 [ req_attributes ]
-#challengePassword              = $ENV::PASSWORD
 
 [ CA_cert]
+
 basicConstraints = CA:true
 subjectKeyIdentifier=hash
 authorityKeyIdentifier=keyid:always,issuer:always

diff --git a/test/big-ca/req_proxy_proxy_conf.cnf b/test/big-ca/req_proxy_proxy_conf.cnf
index 5f2fe0a..f95b0ca 100644 (file)
--- a/test/big-ca/req_proxy_proxy_conf.cnf
+++ b/test/big-ca/req_proxy_proxy_conf.cnf
@@ -22,7 +22,7 @@ organizationalUnitName         = Relaxation
 
 1.commonName                     = $ENV::PROXYNAME
 
-2.commonName                     = $ENV::PROXYPROXYNAME
+2.commonName                     = $ENV::PROXYNAME
  
 #emailAddress                   = Email Address
 

diff --git a/test/expired-ca/ca_conf.cnf b/test/expired-ca/ca_conf.cnf
index 6bafc6c..c9174e6 100644 (file)
--- a/test/expired-ca/ca_conf.cnf
+++ b/test/expired-ca/ca_conf.cnf
@@ -45,9 +45,15 @@ nsComment                    = "OpenSSL Generated Client Server Certificate"
 # and for everything including object signing:\r
 # nsCertType = client, email, objsign\r
 \r
-[ ca_client_flags ]\r
+[ ca_fclient ]\r
 # This is typical in keyUsage for a client certificate.\r
 keyUsage = nonRepudiation, digitalSignature, keyEncipherment\r
 \r
 # This will be displayed in Netscape's comment listbox.\r
 nsComment                      = "OpenSSL Generated Client Certificate with Flags"\r
+\r
+[ ca_none ]\r
+nsComment                      = "OpenSSL Generated Client Certificate with Flags"\r
+\r
+[ proxy_none ]\r
+keyUsage=critical,digitalSignature,keyEncipherment\r

diff --git a/test/expired-ca/req_conf.cnf b/test/expired-ca/req_conf.cnf
index 28ea218..7c30db9 100644 (file)
--- a/test/expired-ca/req_conf.cnf
+++ b/test/expired-ca/req_conf.cnf
@@ -25,7 +25,9 @@ commonName                     = $ENV::CN
 [ req_attributes ]\r
 #challengePassword              = $ENV::PASSWORD\r
 \r
-[ CA_cert]\r
+[ CA_cert ]\r
 basicConstraints = CA:true\r
 subjectKeyIdentifier=hash\r
 authorityKeyIdentifier=keyid:always,issuer:always\r
+\r
+[ proxy_none ]\r

diff --git a/test/expired-ca/req_proxy_conf.cnf b/test/expired-ca/req_proxy_conf.cnf
index 54d9e4d..61a1812 100644 (file)
--- a/test/expired-ca/req_proxy_conf.cnf
+++ b/test/expired-ca/req_proxy_conf.cnf
@@ -1,13 +1,26 @@
+[ca]
+default_ca = CA_default
+
+[CA_default]
+dir = $ENV::CA_DIR
+database = $dir/index.txt
+serial = $dir/serial.txt
+
+certificate = $dir/$ENV::CATYPE.cert
+private_key = $dir/$ENV::CATYPE.priv
+
 [ req ]
+
 default_bits           = 1024
 default_keyfile        = keyfile.pem
 distinguished_name     = req_distinguished_name
 attributes             = req_attributes
 prompt                 = no
 output_password        = $ENV::PASSWORD
-ca_cert                     = CA_cert
+# ca_cert                   = CA_cert
 
 [ req_distinguished_name ]
+
 countryName                    = UG
 
 #stateOrProvinceName          = South area
@@ -25,9 +38,9 @@ organizationalUnitName         = Relaxation
 #emailAddress                   = Email Address
 
 [ req_attributes ]
-#challengePassword              = $ENV::PASSWORD
 
 [ CA_cert]
+
 basicConstraints = CA:true
 subjectKeyIdentifier=hash
 authorityKeyIdentifier=keyid:always,issuer:always

diff --git a/test/expired-ca/req_proxy_proxy_conf.cnf b/test/expired-ca/req_proxy_proxy_conf.cnf
index 5f2fe0a..f95b0ca 100644 (file)
--- a/test/expired-ca/req_proxy_proxy_conf.cnf
+++ b/test/expired-ca/req_proxy_proxy_conf.cnf
@@ -22,7 +22,7 @@ organizationalUnitName         = Relaxation
 
 1.commonName                     = $ENV::PROXYNAME
 
-2.commonName                     = $ENV::PROXYPROXYNAME
+2.commonName                     = $ENV::PROXYNAME
  
 #emailAddress                   = Email Address
 

diff --git a/test/fake-ca/ca_conf.cnf b/test/fake-ca/ca_conf.cnf
index 6bafc6c..c9174e6 100644 (file)
--- a/test/fake-ca/ca_conf.cnf
+++ b/test/fake-ca/ca_conf.cnf
@@ -45,9 +45,15 @@ nsComment                    = "OpenSSL Generated Client Server Certificate"
 # and for everything including object signing:\r
 # nsCertType = client, email, objsign\r
 \r
-[ ca_client_flags ]\r
+[ ca_fclient ]\r
 # This is typical in keyUsage for a client certificate.\r
 keyUsage = nonRepudiation, digitalSignature, keyEncipherment\r
 \r
 # This will be displayed in Netscape's comment listbox.\r
 nsComment                      = "OpenSSL Generated Client Certificate with Flags"\r
+\r
+[ ca_none ]\r
+nsComment                      = "OpenSSL Generated Client Certificate with Flags"\r
+\r
+[ proxy_none ]\r
+keyUsage=critical,digitalSignature,keyEncipherment\r

diff --git a/test/fake-ca/req_conf.cnf b/test/fake-ca/req_conf.cnf
index 28ea218..7c30db9 100644 (file)
--- a/test/fake-ca/req_conf.cnf
+++ b/test/fake-ca/req_conf.cnf
@@ -25,7 +25,9 @@ commonName                     = $ENV::CN
 [ req_attributes ]\r
 #challengePassword              = $ENV::PASSWORD\r
 \r
-[ CA_cert]\r
+[ CA_cert ]\r
 basicConstraints = CA:true\r
 subjectKeyIdentifier=hash\r
 authorityKeyIdentifier=keyid:always,issuer:always\r
+\r
+[ proxy_none ]\r

diff --git a/test/fake-ca/req_proxy_conf.cnf b/test/fake-ca/req_proxy_conf.cnf
index 54d9e4d..61a1812 100644 (file)
--- a/test/fake-ca/req_proxy_conf.cnf
+++ b/test/fake-ca/req_proxy_conf.cnf
@@ -1,13 +1,26 @@
+[ca]
+default_ca = CA_default
+
+[CA_default]
+dir = $ENV::CA_DIR
+database = $dir/index.txt
+serial = $dir/serial.txt
+
+certificate = $dir/$ENV::CATYPE.cert
+private_key = $dir/$ENV::CATYPE.priv
+
 [ req ]
+
 default_bits           = 1024
 default_keyfile        = keyfile.pem
 distinguished_name     = req_distinguished_name
 attributes             = req_attributes
 prompt                 = no
 output_password        = $ENV::PASSWORD
-ca_cert                     = CA_cert
+# ca_cert                   = CA_cert
 
 [ req_distinguished_name ]
+
 countryName                    = UG
 
 #stateOrProvinceName          = South area
@@ -25,9 +38,9 @@ organizationalUnitName         = Relaxation
 #emailAddress                   = Email Address
 
 [ req_attributes ]
-#challengePassword              = $ENV::PASSWORD
 
 [ CA_cert]
+
 basicConstraints = CA:true
 subjectKeyIdentifier=hash
 authorityKeyIdentifier=keyid:always,issuer:always

diff --git a/test/fake-ca/req_proxy_proxy_conf.cnf b/test/fake-ca/req_proxy_proxy_conf.cnf
index 5f2fe0a..f95b0ca 100644 (file)
--- a/test/fake-ca/req_proxy_proxy_conf.cnf
+++ b/test/fake-ca/req_proxy_proxy_conf.cnf
@@ -22,7 +22,7 @@ organizationalUnitName         = Relaxation
 
 1.commonName                     = $ENV::PROXYNAME
 
-2.commonName                     = $ENV::PROXYPROXYNAME
+2.commonName                     = $ENV::PROXYNAME
  
 #emailAddress                   = Email Address
 

diff --git a/test/trusted-ca/ca_conf.cnf b/test/trusted-ca/ca_conf.cnf
index 6bafc6c..c9174e6 100644 (file)
--- a/test/trusted-ca/ca_conf.cnf
+++ b/test/trusted-ca/ca_conf.cnf
@@ -45,9 +45,15 @@ nsComment                    = "OpenSSL Generated Client Server Certificate"
 # and for everything including object signing:\r
 # nsCertType = client, email, objsign\r
 \r
-[ ca_client_flags ]\r
+[ ca_fclient ]\r
 # This is typical in keyUsage for a client certificate.\r
 keyUsage = nonRepudiation, digitalSignature, keyEncipherment\r
 \r
 # This will be displayed in Netscape's comment listbox.\r
 nsComment                      = "OpenSSL Generated Client Certificate with Flags"\r
+\r
+[ ca_none ]\r
+nsComment                      = "OpenSSL Generated Client Certificate with Flags"\r
+\r
+[ proxy_none ]\r
+keyUsage=critical,digitalSignature,keyEncipherment\r

diff --git a/test/trusted-ca/req_conf.cnf b/test/trusted-ca/req_conf.cnf
index 28ea218..7c30db9 100644 (file)
--- a/test/trusted-ca/req_conf.cnf
+++ b/test/trusted-ca/req_conf.cnf
@@ -25,7 +25,9 @@ commonName                     = $ENV::CN
 [ req_attributes ]\r
 #challengePassword              = $ENV::PASSWORD\r
 \r
-[ CA_cert]\r
+[ CA_cert ]\r
 basicConstraints = CA:true\r
 subjectKeyIdentifier=hash\r
 authorityKeyIdentifier=keyid:always,issuer:always\r
+\r
+[ proxy_none ]\r

diff --git a/test/trusted-ca/req_proxy_conf.cnf b/test/trusted-ca/req_proxy_conf.cnf
index 54d9e4d..61a1812 100644 (file)
--- a/test/trusted-ca/req_proxy_conf.cnf
+++ b/test/trusted-ca/req_proxy_conf.cnf
@@ -1,13 +1,26 @@
+[ca]
+default_ca = CA_default
+
+[CA_default]
+dir = $ENV::CA_DIR
+database = $dir/index.txt
+serial = $dir/serial.txt
+
+certificate = $dir/$ENV::CATYPE.cert
+private_key = $dir/$ENV::CATYPE.priv
+
 [ req ]
+
 default_bits           = 1024
 default_keyfile        = keyfile.pem
 distinguished_name     = req_distinguished_name
 attributes             = req_attributes
 prompt                 = no
 output_password        = $ENV::PASSWORD
-ca_cert                     = CA_cert
+# ca_cert                   = CA_cert
 
 [ req_distinguished_name ]
+
 countryName                    = UG
 
 #stateOrProvinceName          = South area
@@ -25,9 +38,9 @@ organizationalUnitName         = Relaxation
 #emailAddress                   = Email Address
 
 [ req_attributes ]
-#challengePassword              = $ENV::PASSWORD
 
 [ CA_cert]
+
 basicConstraints = CA:true
 subjectKeyIdentifier=hash
 authorityKeyIdentifier=keyid:always,issuer:always

diff --git a/test/trusted-ca/req_proxy_proxy_conf.cnf b/test/trusted-ca/req_proxy_proxy_conf.cnf
index 5f2fe0a..f95b0ca 100644 (file)
--- a/test/trusted-ca/req_proxy_proxy_conf.cnf
+++ b/test/trusted-ca/req_proxy_proxy_conf.cnf
@@ -22,7 +22,7 @@ organizationalUnitName         = Relaxation
 
 1.commonName                     = $ENV::PROXYNAME
 
-2.commonName                     = $ENV::PROXYPROXYNAME
+2.commonName                     = $ENV::PROXYNAME
  
 #emailAddress                   = Email Address