From 0b985972694d5c91510d9e4ddbe65a43f748a339 Mon Sep 17 00:00:00 2001 From: Joni Hahkala Date: Thu, 3 Aug 2006 11:42:58 +0000 Subject: [PATCH] add also certs with userid in the DN --- bin/generate-test-certificates.sh | 16 ++++++++++++++++ test/big-ca/ca_conf.cnf | 2 ++ test/big-ca/req_conf_uid.cnf | 35 +++++++++++++++++++++++++++++++++++ test/expired-ca/ca_conf.cnf | 2 ++ test/expired-ca/req_conf_uid.cnf | 35 +++++++++++++++++++++++++++++++++++ test/fake-ca/ca_conf.cnf | 2 ++ test/fake-ca/req_conf_uid.cnf | 35 +++++++++++++++++++++++++++++++++++ test/trusted-ca/ca_conf.cnf | 1 + test/trusted-ca/req_conf_uid.cnf | 35 +++++++++++++++++++++++++++++++++++ 9 files changed, 163 insertions(+) create mode 100644 test/big-ca/req_conf_uid.cnf create mode 100644 test/expired-ca/req_conf_uid.cnf create mode 100644 test/fake-ca/req_conf_uid.cnf create mode 100644 test/trusted-ca/req_conf_uid.cnf diff --git a/bin/generate-test-certificates.sh b/bin/generate-test-certificates.sh index 81555c7..4bc202b 100755 --- a/bin/generate-test-certificates.sh +++ b/bin/generate-test-certificates.sh @@ -61,6 +61,12 @@ function create_cert { CMD="openssl req -out $filebase.req -newkey rsa:$bits -new -keyout $filebase.priv -config $REQ_CONFIG_FILE_EMAIL" echo $CMD; $CMD; ;; + clientuid) + echo UID cert $flags + flags="client" + CMD="openssl req -out $filebase.req -newkey rsa:$bits -new -keyout $filebase.priv -config $REQ_CONFIG_FILE_UID" + echo $CMD; $CMD; + ;; *) echo normal cert $flags CMD="openssl req -out $filebase.req -newkey rsa:$bits -new -keyout $filebase.priv -config $REQ_CONFIG_FILE" @@ -477,6 +483,15 @@ function create_all { create_cert_proxy_proxy $CERT_DIR/${catype}_${TYPE} "$catype ${CTYPE}" proxy_proxy "proxy" 1 proxy create_cert_proxy_proxy $CERT_DIR/${catype}_${TYPE} "$catype ${CTYPE}" proxy_proxy_exp "expired proxy" -1 proxy_exp + TYPE="clientuid" + CTYPE="client UID" + + create_cert $CERT_DIR/${catype}_${TYPE} "$catype ${CTYPE}" ${TYPE} $DAYS + create_cert_proxy $CERT_DIR/${catype}_${TYPE} "$catype ${CTYPE}" proxy "proxy" 1 + create_cert_proxy $CERT_DIR/${catype}_${TYPE} "$catype ${CTYPE}" proxy_exp "expired proxy" -1 + create_cert_proxy_proxy $CERT_DIR/${catype}_${TYPE} "$catype ${CTYPE}" proxy_proxy "proxy" 1 proxy + create_cert_proxy_proxy $CERT_DIR/${catype}_${TYPE} "$catype ${CTYPE}" proxy_proxy_exp "expired proxy" -1 proxy_exp + TYPE="fclient" CTYPE="flag client" @@ -742,6 +757,7 @@ for catype in $CATYPES; do export REQ_CONFIG_FILE=$CA_DIR/req_conf.cnf export REQ_CONFIG_FILE_SERIAL=$CA_DIR/req_conf_sn.cnf export REQ_CONFIG_FILE_EMAIL=$CA_DIR/req_conf_email.cnf + export REQ_CONFIG_FILE_UID=$CA_DIR/req_conf_uid.cnf export REQ_PROXY_CONFIG_FILE=$CA_DIR/req_proxy_conf.cnf export REQ_PROXY_PROXY_CONFIG_FILE=$CA_DIR/req_proxy_proxy_conf.cnf export PROXY_BITS=512 diff --git a/test/big-ca/ca_conf.cnf b/test/big-ca/ca_conf.cnf index 42d548d..cc85df0 100644 --- a/test/big-ca/ca_conf.cnf +++ b/test/big-ca/ca_conf.cnf @@ -20,6 +20,8 @@ organizationName = optional organizationalUnitName = optional commonName = supplied emailAddress = optional +serialNumber = optional +userId = optional [ ca_cert ] basicConstraints=CA:TRUE diff --git a/test/big-ca/req_conf_uid.cnf b/test/big-ca/req_conf_uid.cnf new file mode 100644 index 0000000..8b2092e --- /dev/null +++ b/test/big-ca/req_conf_uid.cnf @@ -0,0 +1,35 @@ +[ req ] +default_bits = $ENV::BITS +default_keyfile = keyfile.pem +distinguished_name = req_distinguished_name +attributes = req_attributes +prompt = no +output_password = $ENV::PASSWORD +ca_cert = CA_cert + +[ req_distinguished_name ] +countryName = UG + +#stateOrProvinceName = South area + +localityName = Tropic + +organizationName = Utopia + +organizationalUnitName = Relaxation + +commonName = $ENV::CN + +userId = testuserid + +#emailAddress = Email Address + +[ req_attributes ] +#challengePassword = $ENV::PASSWORD + +[ CA_cert ] +basicConstraints = CA:true +subjectKeyIdentifier=hash +authorityKeyIdentifier=keyid:always,issuer:always + +[ proxy_none ] diff --git a/test/expired-ca/ca_conf.cnf b/test/expired-ca/ca_conf.cnf index 42d548d..a36254e 100644 --- a/test/expired-ca/ca_conf.cnf +++ b/test/expired-ca/ca_conf.cnf @@ -19,6 +19,8 @@ localityName = optional organizationName = optional organizationalUnitName = optional commonName = supplied +serialNumber = optional +userId = optional emailAddress = optional [ ca_cert ] diff --git a/test/expired-ca/req_conf_uid.cnf b/test/expired-ca/req_conf_uid.cnf new file mode 100644 index 0000000..8b2092e --- /dev/null +++ b/test/expired-ca/req_conf_uid.cnf @@ -0,0 +1,35 @@ +[ req ] +default_bits = $ENV::BITS +default_keyfile = keyfile.pem +distinguished_name = req_distinguished_name +attributes = req_attributes +prompt = no +output_password = $ENV::PASSWORD +ca_cert = CA_cert + +[ req_distinguished_name ] +countryName = UG + +#stateOrProvinceName = South area + +localityName = Tropic + +organizationName = Utopia + +organizationalUnitName = Relaxation + +commonName = $ENV::CN + +userId = testuserid + +#emailAddress = Email Address + +[ req_attributes ] +#challengePassword = $ENV::PASSWORD + +[ CA_cert ] +basicConstraints = CA:true +subjectKeyIdentifier=hash +authorityKeyIdentifier=keyid:always,issuer:always + +[ proxy_none ] diff --git a/test/fake-ca/ca_conf.cnf b/test/fake-ca/ca_conf.cnf index 42d548d..cc85df0 100644 --- a/test/fake-ca/ca_conf.cnf +++ b/test/fake-ca/ca_conf.cnf @@ -20,6 +20,8 @@ organizationName = optional organizationalUnitName = optional commonName = supplied emailAddress = optional +serialNumber = optional +userId = optional [ ca_cert ] basicConstraints=CA:TRUE diff --git a/test/fake-ca/req_conf_uid.cnf b/test/fake-ca/req_conf_uid.cnf new file mode 100644 index 0000000..8b2092e --- /dev/null +++ b/test/fake-ca/req_conf_uid.cnf @@ -0,0 +1,35 @@ +[ req ] +default_bits = $ENV::BITS +default_keyfile = keyfile.pem +distinguished_name = req_distinguished_name +attributes = req_attributes +prompt = no +output_password = $ENV::PASSWORD +ca_cert = CA_cert + +[ req_distinguished_name ] +countryName = UG + +#stateOrProvinceName = South area + +localityName = Tropic + +organizationName = Utopia + +organizationalUnitName = Relaxation + +commonName = $ENV::CN + +userId = testuserid + +#emailAddress = Email Address + +[ req_attributes ] +#challengePassword = $ENV::PASSWORD + +[ CA_cert ] +basicConstraints = CA:true +subjectKeyIdentifier=hash +authorityKeyIdentifier=keyid:always,issuer:always + +[ proxy_none ] diff --git a/test/trusted-ca/ca_conf.cnf b/test/trusted-ca/ca_conf.cnf index 7ae8401..cc85df0 100644 --- a/test/trusted-ca/ca_conf.cnf +++ b/test/trusted-ca/ca_conf.cnf @@ -21,6 +21,7 @@ organizationalUnitName = optional commonName = supplied emailAddress = optional serialNumber = optional +userId = optional [ ca_cert ] basicConstraints=CA:TRUE diff --git a/test/trusted-ca/req_conf_uid.cnf b/test/trusted-ca/req_conf_uid.cnf new file mode 100644 index 0000000..8b2092e --- /dev/null +++ b/test/trusted-ca/req_conf_uid.cnf @@ -0,0 +1,35 @@ +[ req ] +default_bits = $ENV::BITS +default_keyfile = keyfile.pem +distinguished_name = req_distinguished_name +attributes = req_attributes +prompt = no +output_password = $ENV::PASSWORD +ca_cert = CA_cert + +[ req_distinguished_name ] +countryName = UG + +#stateOrProvinceName = South area + +localityName = Tropic + +organizationName = Utopia + +organizationalUnitName = Relaxation + +commonName = $ENV::CN + +userId = testuserid + +#emailAddress = Email Address + +[ req_attributes ] +#challengePassword = $ENV::PASSWORD + +[ CA_cert ] +basicConstraints = CA:true +subjectKeyIdentifier=hash +authorityKeyIdentifier=keyid:always,issuer:always + +[ proxy_none ] -- 1.8.2.3