- Peter Sylvester made the HTTPS test server use specific certificates for

each test, so that the test suite can now be used to actually test the verification of cert names etc. This made an error show up in the OpenSSL- specific code where it would attempt to match the CN field even if a subjectAltName exists that doesn't match. This is now fixed and verified in test 311.
2009-08-11 21:48:58 +00:00
parent a9caeb1064
commit e73fe837a8
40 changed files with 1339 additions and 6 deletions
--- a/tests/certs/Server-localhost0h-sv.prm
+++ b/tests/certs/Server-localhost0h-sv.prm
@@ -0,0 +1,26 @@
+extensions = x509v3
+[ x509v3 ]
+#subjectAltName = DNS:localhost\0h
+subjectAltName = DER:30:0d:82:0b:6c:6f:63:61:6c:68:6f:73:74:00:68
+keyUsage	= keyEncipherment
+extendedKeyUsage = serverAuth
+subjectKeyIdentifier = hash
+authorityKeyIdentifier = keyid
+basicConstraints = critical,CA:false
+[ req ]
+default_bits                    = 1024
+distinguished_name              = req_DN
+default_md			= sha256
+string_mask			= utf8only
+[ req_DN ]
+countryName                     = "Country Name is Northern Nowhere"
+countryName_value            = NN
+organizationName              = "Organization Name"
+organizationName_value     = Edel Curl Arctic Illudium Research Cloud
+commonName                      = "Common Name"
+commonName_value              = localhost 
+
+[something]
+# The key
+# the certificate
+# some dhparam