projects / oweals / openssl.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 768a3ec)
Fix generation of expired CA certificate.
authorDr. Stephen Henson <steve@openssl.org>
Wed, 22 Jun 2016 17:09:42 +0000 (18:09 +0100)
committerDr. Stephen Henson <steve@openssl.org>
Wed, 22 Jun 2016 22:23:09 +0000 (23:23 +0100)
Reviewed-by: Richard Levitte <levitte@openssl.org>
test/certs/mkcert.sh patch | blob | history
test/certs/setup.sh patch | blob | history

diff --git a/test/certs/mkcert.sh b/test/certs/mkcert.sh
index 39e3a1e28c3f6c7c382f0d13c82b28a9a9b48185..ced08ea091b422156e92f1ef676ced9ad8178c3f 100755 (executable)
--- a/test/certs/mkcert.sh
+++ b/test/certs/mkcert.sh
@@ -8,7 +8,9 @@
 
 # 100 years should be enough for now
 #
-DAYS=36525
+if [ -z "$DAYS" ]; then
+    DAYS=36525
+fi
 
 if [ -z "$OPENSSL_SIGALG" ]; then
     OPENSSL_SIGALG=sha256
diff --git a/test/certs/setup.sh b/test/certs/setup.sh
index 4eaf511ef44275da2f1341362754b2227ec25613..b8c10863d3e4b1444c5991e9bbfacc0deeabab66 100755 (executable)
--- a/test/certs/setup.sh
+++ b/test/certs/setup.sh
@@ -86,7 +86,7 @@ openssl x509 -in sroot-cert.pem -trustout \
 ./mkcert.sh genca "CA" ca-key2 ca-cert2 root-key root-cert
 ./mkcert.sh genca "CA2" ca-key ca-name2 root-key root-cert
 ./mkcert.sh genca "CA" ca-key ca-root2 root-key2 root-cert2
-./mkcert.sh genca "CA" ca-key ca-expired root-key root-cert -days -1
+DAYS=-1 ./mkcert.sh genca "CA" ca-key ca-expired root-key root-cert
 #
 openssl x509 -in ca-cert.pem -trustout \
     -addtrust serverAuth -out ca+serverAuth.pem
Unnamed repository; edit this file 'description' to name the repository.