Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(69)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: net/data/ssl/certificates/README

Issue 4646001: Implement LoadTemporaryRoot for Windows (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src/net/base
Patch Set: New Win method & unittests Created 10 years, 1 month ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« net/base/x509_certificate.h ('K') | « net/base/x509_certificate_win.cc ('k') | net/data/ssl/certificates/expired_cert.pem » ('j') | net/data/ssl/certificates/expired_cert.pem » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: net/data/ssl/certificates/README
diff --git a/net/data/ssl/certificates/README b/net/data/ssl/certificates/README
index a58aaa1cff9f99e3a93100ecd5e982e63bc4698f..0a586058e87a17bb24d2abad1e5e75bed33005c3 100644
--- a/net/data/ssl/certificates/README
+++ b/net/data/ssl/certificates/README
@@ -20,13 +20,6 @@ unit tests.
- dod_root_ca_2_cert.der : A certificate chain for regression tests of
http://crbug.com/31497.
-- expired_cert.pem : An expired certificate, used by test_server.cc.
-
-- ok_cert.pem : A valid certificate, used by test_server.cc
-
-- root_ca_cert.crt : The testing root CA used to sign the test_server.cc's
- certificates.
-
- unosoft_hu_cert : Certificate used by X509CertificateTest.UnoSoftCertParsing.
- client.p12 : A PKCS #12 file containing a client certificate and a private
@@ -34,3 +27,36 @@ unit tests.
- punycodetest.der : A test self-signed server certificate with punycode name.
The common name is "xn--wgv71a119e.com" (日本語.com)
+
+=====
+Generated Test Certificates:
+ The following certificates were generated locally, and are primarily used
+ by test_server.cc and test_server.py:
+ - expired_cert.pem : An expired certificate, used by test_server.cc.
+ - ok_cert.pem : A valid certificate, used by test_server.cc and others
+ - root_ca_cert.crt : The testing root CA used to sign the test
+ certificates
+ In addition, a support file is provided for making it easier to make
+ modifications or re-generate these certificates.
+ - openssl_ca.cnf : The configuration file used to generate the test
+ certificates
+
+ The following commands were used to generated the test root certificates
+ Note: Be sure to adjust path slashes as appropriate for your platform.
+
+mkdir root_ca
+mkdir root_ca\private
+mkdir root_ca\newcerts
+echo 01 > root_ca\serial
+[On Windows]
+ copy nul: root_ca\index.txt
+[On POSIX]
+ touch root_ca\index.txt
+
+openssl req -new -x509 -subj "/C=US/ST=California/L=Mountain View/O=Test CA/CN=Test Root CA/" -nodes -days 3650 -keyout root_ca\private\cacert.key -out root_ca\cacert.pem
+openssl req -new -subj "/C=US/ST=California/L=Mountain View/O=Test CA/O=Expired/CN=127.0.0.1/" -nodes -keyout expired_cert.key -out expired_cert.req
+openssl req -new -subj "/C=US/ST=California/L=Mountain View/O=Test CA/CN=127.0.0.1/" -nodes -keyout ok_cert.key -out ok_cert.req
+openssl ca -config openssl_ca.cnf -name CA_root -extensions user_cert -startdate 060101000000Z -enddate 070101000000Z -in expired_cert.req -out expired_cert.pem
+openssl ca -config openssl_ca.cnf -name CA_root -extensions user_cert -in ok_cert.req -out ok_cert.pem
+
+ Then each output certificate (.pem) and private key (.key) were combined into previously mentioned filenames.
« net/base/x509_certificate.h ('K') | « net/base/x509_certificate_win.cc ('k') | net/data/ssl/certificates/expired_cert.pem » ('j') | net/data/ssl/certificates/expired_cert.pem » ('J')

Powered by Google App Engine
This is Rietveld 408576698