Index: net/data/ssl/scripts/generate-test-certs.sh |
diff --git a/net/data/ssl/scripts/generate-test-certs.sh b/net/data/ssl/scripts/generate-test-certs.sh |
index 92d8f22868b191eeab7860a28e75f3ea09dba9f4..feb24532b4d325bd34941501c9fe08d389d6754b 100755 |
--- a/net/data/ssl/scripts/generate-test-certs.sh |
+++ b/net/data/ssl/scripts/generate-test-certs.sh |
@@ -107,6 +107,17 @@ CA_COMMON_NAME="Test Root CA" \ |
-out out/localhost_cert.pem \ |
-config ca.cnf |
+CA_COMMON_NAME="Test Root CA" \ |
+ try openssl ca \ |
+ -batch \ |
+ -extensions user_cert \ |
+ -subj "/CN=Leaf Certificate/" \ |
+ -startdate 00010101000000Z \ |
+ -enddate 00010101000000Z \ |
+ -in out/ok_cert.req \ |
+ -out out/bad_validity.pem \ |
+ -config ca.cnf |
+ |
try /bin/sh -c "cat out/ok_cert.key out/ok_cert.pem \ |
> ../certificates/ok_cert.pem" |
try /bin/sh -c "cat out/localhost_cert.key out/localhost_cert.pem \ |
@@ -119,6 +130,8 @@ try /bin/sh -c "cat out/ok_cert.key out/name_constraint_bad.pem \ |
> ../certificates/name_constraint_bad.pem" |
try /bin/sh -c "cat out/ok_cert.key out/name_constraint_good.pem \ |
> ../certificates/name_constraint_good.pem" |
+try /bin/sh -c "cat out/ok_cert.key out/bad_validity.pem \ |
+ > ../certificates/bad_validity.pem" |
# Now generate the one-off certs |
## SHA-256 general test cert |