Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(1991)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: net/data/ssl/scripts/generate-test-certs.sh

Issue 1223233002: Common Name Mismatch Handler For WWW Subdomain Mismatch case (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Resolved comments, added UMA Created 5 years, 5 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« chrome/browser/ssl/ssl_error_handler.h ('K') | « net/data/ssl/scripts/ee.cnf ('k') | net/test/spawned_test_server/base_test_server.h » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: net/data/ssl/scripts/generate-test-certs.sh
diff --git a/net/data/ssl/scripts/generate-test-certs.sh b/net/data/ssl/scripts/generate-test-certs.sh
index 92d8f22868b191eeab7860a28e75f3ea09dba9f4..125a8c5c41c62cc88fb6d03ed4c043aa2cb06938 100755
--- a/net/data/ssl/scripts/generate-test-certs.sh
+++ b/net/data/ssl/scripts/generate-test-certs.sh
@@ -58,6 +58,22 @@ try openssl req \
-reqexts req_localhost_san \
-config ee.cnf
+SUBJECT_NAME=req_example_cn \
+try openssl req \
+ -new \
+ -keyout out/example_cert.key \
+ -out out/example_cert.req \
+ -reqexts req_example_san \
+ -config ee.cnf
+
+SUBJECT_NAME=req_www_example_cn \
+try openssl req \
+ -new \
+ -keyout out/www_example_cert.key \
+ -out out/www_example_cert.req \
+ -reqexts req_www_example_san \
+ -config ee.cnf
+
# Generate the leaf certificates
CA_COMMON_NAME="Test Root CA" \
try openssl ca \
@@ -107,6 +123,24 @@ CA_COMMON_NAME="Test Root CA" \
-out out/localhost_cert.pem \
-config ca.cnf
+CA_COMMON_NAME="Test Root CA" \
+ try openssl ca \
+ -batch \
+ -extensions user_cert \
+ -days 3650 \
+ -in out/example_cert.req \
+ -out out/example_cert.pem \
+ -config ca.cnf
+
+CA_COMMON_NAME="Test Root CA" \
+ try openssl ca \
+ -batch \
+ -extensions user_cert \
+ -days 3650 \
+ -in out/www_example_cert.req \
+ -out out/www_example_cert.pem \
+ -config ca.cnf
+
try /bin/sh -c "cat out/ok_cert.key out/ok_cert.pem \
> ../certificates/ok_cert.pem"
try /bin/sh -c "cat out/localhost_cert.key out/localhost_cert.pem \
@@ -119,6 +153,10 @@ try /bin/sh -c "cat out/ok_cert.key out/name_constraint_bad.pem \
> ../certificates/name_constraint_bad.pem"
try /bin/sh -c "cat out/ok_cert.key out/name_constraint_good.pem \
> ../certificates/name_constraint_good.pem"
+try /bin/sh -c "cat out/example_cert.key out/example_cert.pem \
+ > ../certificates/example_cert.pem"
+try /bin/sh -c "cat out/www_example_cert.key out/www_example_cert.pem \
+ > ../certificates/www_example_cert.pem"
# Now generate the one-off certs
## SHA-256 general test cert
« chrome/browser/ssl/ssl_error_handler.h ('K') | « net/data/ssl/scripts/ee.cnf ('k') | net/test/spawned_test_server/base_test_server.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698