From e73fe837a8877c0197721b91e0d5ec40cb7a2cd0 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Tue, 11 Aug 2009 21:48:58 +0000 Subject: - Peter Sylvester made the HTTPS test server use specific certificates for each test, so that the test suite can now be used to actually test the verification of cert names etc. This made an error show up in the OpenSSL- specific code where it would attempt to match the CN field even if a subjectAltName exists that doesn't match. This is now fixed and verified in test 311. --- tests/certs/EdelCurlRoot-ca.prm | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) create mode 100644 tests/certs/EdelCurlRoot-ca.prm (limited to 'tests/certs/EdelCurlRoot-ca.prm') diff --git a/tests/certs/EdelCurlRoot-ca.prm b/tests/certs/EdelCurlRoot-ca.prm new file mode 100644 index 000000000..4c53ef515 --- /dev/null +++ b/tests/certs/EdelCurlRoot-ca.prm @@ -0,0 +1,18 @@ +extensions = x509v3 +[ req ] +default_bits = 2048 +distinguished_name = req_DN +default_md = sha256 +string_mask = utf8only +[ req_DN ] +countryName = "Country Name" +countryName_value = NN +organizationName = "Organization Name" +organizationName_value = Edel Curl Arctic Illudium Research Cloud +commonName = "Common Name" +commonName_value = Nothern Nowhere Trust Anchor +[ x509v3 ] +basicConstraints = critical,CA:true +keyUsage = critical,keyCertSign,cRLSign +subjectKeyIdentifier = hash + -- cgit v1.2.3