Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(43)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: net/data/ssl/certificates/README

Issue 5535006: Add unittests for net::TestRootCerts and regenerate test certificates (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Address wtc feedback Created 10 years ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« net/base/test_root_certs_unittest.cc ('K') | « net/base/test_root_certs_unittest.cc ('k') | net/data/ssl/certificates/expired_cert.pem » ('j') | net/data/ssl/certificates/expired_cert.pem » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: net/data/ssl/certificates/README
diff --git a/net/data/ssl/certificates/README b/net/data/ssl/certificates/README
index a58aaa1cff9f99e3a93100ecd5e982e63bc4698f..039a526bd43650219c28757c6671e3fcd9c11883 100644
--- a/net/data/ssl/certificates/README
+++ b/net/data/ssl/certificates/README
@@ -20,13 +20,6 @@ unit tests.
- dod_root_ca_2_cert.der : A certificate chain for regression tests of
http://crbug.com/31497.
-- expired_cert.pem : An expired certificate, used by test_server.cc.
-
-- ok_cert.pem : A valid certificate, used by test_server.cc
-
-- root_ca_cert.crt : The testing root CA used to sign the test_server.cc's
- certificates.
-
- unosoft_hu_cert : Certificate used by X509CertificateTest.UnoSoftCertParsing.
- client.p12 : A PKCS #12 file containing a client certificate and a private
@@ -34,3 +27,38 @@ unit tests.
- punycodetest.der : A test self-signed server certificate with punycode name.
The common name is "xn--wgv71a119e.com" (日本語.com)
+
+=====
+Generated Test Certificates:
+ The following certificates were generated locally, and are primarily used
+ by test_server.cc and test_server.py:
+ - expired_cert.pem : An expired certificate, used by test_server.cc.
+ - ok_cert.pem : A valid certificate, used by test_server.cc and others
+ - root_ca_cert.crt : The testing root CA used to sign the test
wtc 2010/12/08 19:58:22 Typo: root_ca_cert.crt => root_ca_cert.pem Please
+ certificates
+ In addition, a support file is provided for making it easier to make
+ modifications or re-generate these certificates.
+ - openssl_ca.cnf : The configuration file used to generate the test
+ certificates
+
+ The following commands were used to generated the test root certificates
+ Note: Be sure to adjust path slashes as appropriate for your platform.
+
+mkdir root_ca
+mkdir root_ca\private
+mkdir root_ca\newcerts
+echo 01 > root_ca\serial
+[On Windows]
+ copy nul: root_ca\index.txt
+ copy nul: root_ca\index.txt.attr
+[On POSIX]
+ touch root_ca\index.txt
+ touch root_ca\index.txt.attr
+
+openssl req -new -x509 -days 18250 -keyout root_ca\private\cacert.key -out root_ca\cacert.pem -config openssl_ca.cnf
+openssl req -new -keyout expired_cert.key -out expired_cert.req -config openssl_cert.cnf
+openssl req -new -keyout ok_cert.key -out ok_cert.req -config openssl_cert.cnf
+openssl ca -name CA_root -extensions user_cert -startdate 060101000000Z -enddate 070101000000Z -in expired_cert.req -out expired_cert.pem -config openssl_ca.cnf
+openssl ca -name CA_root -extensions user_cert -days 18250 -in ok_cert.req -out ok_cert.pem -config openssl_ca.cnf
+
+ Then each output certificate (.pem) and private key (.key) were combined into previously mentioned filenames.
« net/base/test_root_certs_unittest.cc ('K') | « net/base/test_root_certs_unittest.cc ('k') | net/data/ssl/certificates/expired_cert.pem » ('j') | net/data/ssl/certificates/expired_cert.pem » ('J')

Powered by Google App Engine
This is Rietveld 408576698