tests/certs: added make target to rebuild certificates

The certificate generation scripts were also updated to better match the
format of the certificates currently checked in.

diff --git a/tests/certs/Makefile.am b/tests/certs/Makefile.am
index ddb5c9fb1fff6ed2452b976db95a8572194da0ba..c26aa1e68adc43136d2c2d10b86f433d692fe96a 100644 (file)
--- a/tests/certs/Makefile.am
+++ b/tests/certs/Makefile.am
@@ -23,14 +23,19 @@ AUTOMAKE_OPTIONS = foreign
 
 SUBDIRS = scripts
 
-CERTFILES = \
-  EdelCurlRoot-ca.cacert \
+CERTCONFIGS = \
+  EdelCurlRoot-ca.prm \
   EdelCurlRoot-ca.cnf \
+  Server-localhost-sv.prm \
+  Server-localhost.nn-sv.prm \
+  Server-localhost0h-sv.prm
+
+GENERATEDCERTS = \
+  EdelCurlRoot-ca.cacert \
   EdelCurlRoot-ca.crt \
   EdelCurlRoot-ca.csr \
   EdelCurlRoot-ca.der \
   EdelCurlRoot-ca.key \
-  EdelCurlRoot-ca.prm \
   Server-localhost-sv.crl \
   Server-localhost-sv.crt \
   Server-localhost-sv.csr \
@@ -39,7 +44,6 @@ CERTFILES = \
   Server-localhost-sv.key \
   Server-localhost-sv.p12 \
   Server-localhost-sv.pem \
-  Server-localhost-sv.prm \
   Server-localhost-sv.pub.der \
   Server-localhost-sv.pub.pem \
   Server-localhost.nn-sv.crl \
@@ -49,7 +53,6 @@ CERTFILES = \
   Server-localhost.nn-sv.dhp \
   Server-localhost.nn-sv.key \
   Server-localhost.nn-sv.pem \
-  Server-localhost.nn-sv.prm \
   Server-localhost.nn-sv.pub.der \
   Server-localhost.nn-sv.pub.pem \
   Server-localhost0h-sv.crl \
@@ -60,7 +63,6 @@ CERTFILES = \
   Server-localhost0h-sv.key \
   Server-localhost0h-sv.p12 \
   Server-localhost0h-sv.pem \
-  Server-localhost0h-sv.prm \
   Server-localhost0h-sv.pub.der \
   Server-localhost0h-sv.pub.pem
 
@@ -68,5 +70,24 @@ SRPFILES = \
   srp-verifier-conf \
   srp-verifier-db
 
-EXTRA_DIST = $(CERTFILES) $(SRPFILES)
+EXTRA_DIST = $(CERTCONFIGS) $(GENERATEDCERTS) $(SRPFILES)
+
+# Rebuild the certificates
+
+clean-certs:
+       cd $(srcdir); rm -f $(GENERATEDCERTS)
+
+build-certs: $(srcdir)/EdelCurlRoot-ca.cacert $(srcdir)/Server-localhost-sv.pem \
+       $(srcdir)/Server-localhost.nn-sv.pem $(srcdir)/Server-localhost0h-sv.pem
+
+$(srcdir)/EdelCurlRoot-ca.cacert:
+       cd $(srcdir); scripts/genroot.sh EdelCurlRoot
+
+$(srcdir)/Server-localhost-sv.pem: $(srcdir)/EdelCurlRoot-ca.cacert
+       cd $(srcdir); scripts/genserv.sh Server-localhost EdelCurlRoot
+
+$(srcdir)/Server-localhost.nn-sv.pem: $(srcdir)/EdelCurlRoot-ca.cacert
+       cd $(srcdir); scripts/genserv.sh Server-localhost.nn EdelCurlRoot
 
+$(srcdir)/Server-localhost0h-sv.pem: $(srcdir)/EdelCurlRoot-ca.cacert
+       cd $(srcdir); scripts/genserv.sh Server-localhost0h EdelCurlRoot

diff --git a/tests/certs/scripts/genroot.sh b/tests/certs/scripts/genroot.sh
index 6ac138873ea3f7e258320326c15b4c9735f9c36f..4d2118aae1e542fc77c0ee6a577c6e7f3acd5253 100755 (executable)
--- a/tests/certs/scripts/genroot.sh
+++ b/tests/certs/scripts/genroot.sh
@@ -50,15 +50,15 @@ echo "openssl x509 -set_serial $SERIAL -extfile $PREFIX-ca.prm -days $DURATION -
 
 $OPENSSL x509  -set_serial $SERIAL -extfile $PREFIX-ca.prm -days $DURATION -req -signkey $PREFIX-ca.key -in $PREFIX-ca.csr -out $PREFIX-$SERIAL-ca.cacert -sha1
 
-echo "openssl x509 -text -hash -out $PREFIX-ca.cacert -in $PREFIX-$SERIAL-ca.cacert -nameopt multiline"
-$OPENSSL x509 -text -hash -out $PREFIX-ca.cacert -in $PREFIX-$SERIAL-ca.cacert -nameopt multiline
+echo "openssl x509 -text -in $PREFIX-$SERIAL-ca.cacert -nameopt multiline > $PREFIX-ca.cacert "
+$OPENSSL x509 -text -in $PREFIX-$SERIAL-ca.cacert -nameopt multiline > $PREFIX-ca.cacert
 
 echo "openssl x509 -in $PREFIX-ca.cacert -outform der -out $PREFIX-ca.der "
 $OPENSSL x509 -in $PREFIX-ca.cacert -outform der -out $PREFIX-ca.der
 
-echo "openssl x509 -in $PREFIX-ca.cacert -text -out $PREFIX-ca.crt -nameopt multiline"
+echo "openssl x509 -in $PREFIX-ca.cacert -text -nameopt multiline > $PREFIX-ca.crt "
 
-$OPENSSL x509 -in $PREFIX-ca.cacert -text -out $PREFIX-ca.crt -nameopt multiline
+$OPENSSL x509 -in $PREFIX-ca.cacert -text -nameopt multiline > $PREFIX-ca.crt
 
 echo "openssl x509 -noout -text -in $PREFIX-ca.cacert -nameopt multiline"
 $OPENSSL x509 -noout -text -in $PREFIX-ca.cacert -nameopt multiline

diff --git a/tests/certs/scripts/genserv.sh b/tests/certs/scripts/genserv.sh
index 80876ec51fa997088137f18b7b4a84c544b46d8f..e7845c5c1f064c38957a909a09cc5059e58c47d0 100755 (executable)
--- a/tests/certs/scripts/genserv.sh
+++ b/tests/certs/scripts/genserv.sh
@@ -81,9 +81,9 @@ $OPENSSL rsa -in $PREFIX-sv.key -pubout -outform DER -out $PREFIX-sv.pub.der
 echo "openssl rsa -in $PREFIX-sv.key -pubout -outform PEM -out $PREFIX-sv.pub.pem"
 $OPENSSL rsa -in $PREFIX-sv.key -pubout -outform PEM -out $PREFIX-sv.pub.pem
 
-echo "openssl x509 -set_serial $SERIAL -extfile $PREFIX-sv.prm -days $DURATION  -CA $CAPREFIX-ca.cacert -CAkey $CAPREFIX-ca.key -in $PREFIX-sv.csr -req -out $PREFIX-sv.crt -text -nameopt multiline -sha1"
+echo "openssl x509 -set_serial $SERIAL -extfile $PREFIX-sv.prm -days $DURATION  -CA $CAPREFIX-ca.cacert -CAkey $CAPREFIX-ca.key -in $PREFIX-sv.csr -req -text -nameopt multiline -sha1 > $PREFIX-sv.crt "
 
-$OPENSSL x509 -set_serial $SERIAL -extfile $PREFIX-sv.prm -days $DURATION  -CA $CAPREFIX-ca.cacert -CAkey $CAPREFIX-ca.key -in $PREFIX-sv.csr -req -out $PREFIX-sv.crt -text -nameopt multiline -sha1
+$OPENSSL x509 -set_serial $SERIAL -extfile $PREFIX-sv.prm -days $DURATION  -CA $CAPREFIX-ca.cacert -CAkey $CAPREFIX-ca.key -in $PREFIX-sv.csr -req -text -nameopt multiline -sha1 > $PREFIX-sv.crt
 
 if [ "$P12." = YES. ] ; then