Welcome to mirror list, hosted at ThFree Co, Russian Federation.

github.com/nodejs/node.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorTobias Nießen <tniessen@tnie.de>2022-03-17 15:59:46 +0300
committerDanielle Adams <adamzdanielle@gmail.com>2022-04-24 05:47:21 +0300
commit04243a85c7610db68fc53e858960c1a32fbde36a (patch)
tree8bd18b039f2de223bf89bbedd26dd10108f6ba75
parent7073017efbea1a36e73d03b8b3c6e60c04fbf9e3 (diff)
test: improve https_renew_cert.sh script
- To avoid unnecessarily large diffs, only generate a new private key if necessary. Otherwise, reuse the existing private key and only issue a new certificate. - Remove an unnecessary conversion step using openssl rsa and the intermediate rsa.pem and csr.pem files. - Extend the certificate validity from 1 year to 10 years. - Show a text representation of the issued certificate upon completion such that the user can verify the validity. - Make the script executable. - Use "#!/usr/bin/env bash" instead of "#!/bin/bash". - Allow the script to be called from any directory. Refs: https://github.com/nodejs/node/pull/42342 Refs: https://github.com/nodejs/node/pull/37990 PR-URL: https://github.com/nodejs/node/pull/42343 Reviewed-By: Richard Lau <rlau@redhat.com> Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com> Reviewed-By: Mestery <mestery@protonmail.com>
Diffstat
-rw-r--r--test/fixtures/keys/selfsigned-no-keycertsign/cert.pem20
-rwxr-xr-x[-rw-r--r--]test/fixtures/keys/selfsigned-no-keycertsign/https_renew_cert.sh17
2 files changed, 22 insertions, 15 deletions
diff --git a/test/fixtures/keys/selfsigned-no-keycertsign/cert.pem b/test/fixtures/keys/selfsigned-no-keycertsign/cert.pem
index 488d57f38f4..c2b824ef45e 100644
--- a/test/fixtures/keys/selfsigned-no-keycertsign/cert.pem
+++ b/test/fixtures/keys/selfsigned-no-keycertsign/cert.pem
@@ -1,7 +1,7 @@
-----BEGIN CERTIFICATE-----
-MIIDATCCAemgAwIBAgIUetgkeY+KShrAfmm5LR+QFsKJWlUwDQYJKoZIhvcNAQEL
-BQAwFDESMBAGA1UEAwwJbG9jYWxob3N0MB4XDTIyMDMxNTEwMjIxMFoXDTIzMDMx
-NTEwMjIxMFowFDESMBAGA1UEAwwJbG9jYWxob3N0MIIBIjANBgkqhkiG9w0BAQEF
+MIIDATCCAemgAwIBAgIUb32MablwTzVJh3UQXwdun9pBoF0wDQYJKoZIhvcNAQEL
+BQAwFDESMBAGA1UEAwwJbG9jYWxob3N0MB4XDTIyMDMxNTE2MzQwOFoXDTMyMDMx
+MjE2MzQwOFowFDESMBAGA1UEAwwJbG9jYWxob3N0MIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEA11wz7hAhdN072sp2aTySdsla65aZT10L1o74JNBZmMye
DSq7Lbbvqq8XuLlwogS0ACAQVEjL7GPVMgJwzRytdaSWdzr26dftPCL3m1h8azU/
Bs1nafHWhi3rx8RQnLfyusq0fThR9Xd3xfjDuaqhoa7Nc36XbG98XWkgxpm2R7wR
@@ -9,11 +9,11 @@ pLyNT9K2Ixvry9orZicTxv0Zyq+tD3CzSEch5OCApVZNaqEcIDgiN1zE/zqIe83v
9+NYpLo61yPiqqedCqZaKp037uwJCp/RL9g6bh7IFDGZcNFv3k0xjZB4BVm4BZMp
SlbI49hncVIJZNB7qWt5ilCzEbwOhgLt6Y3Yh8rgMwIDAQABo0swSTALBgNVHQ8E
BAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwEwJQYDVR0RBB4wHIIJMTI3LjAuMC4x
-gglsb2NhbGhvc3SHBH8AAAEwDQYJKoZIhvcNAQELBQADggEBAACPB26XVV99W575
-p2iE1qHYAK6KCDrLyJTi0epITgzP5mAXv9aoq14qldvz4ryZp7X5R4rVvezPmfwk
-NWTgCzFkVbGDozdrcmaXx1sAx1guxJMTpU+DkIw1cahD9UdqI6Dr5rVlGcZvdh9S
-w0Q4fU6zSfp5e8wfGUxXaWqNpBzX0Z9VeHo3Rjgt6+V+9xSwEirE+5tzwy5MaMTs
-N5nJbJH6YOBVUDsOszPX+2TcWvebMGkViN2qkSu8Kwxge5Ijbwb3tWMFByaaiWUp
-XaRH77CoVU39LKj0u/M/GiHJ5FhR//7UqqtOqk2+keGNv61s/iBGKMdjbm7b2pJT
-EYIl4lo=
+gglsb2NhbGhvc3SHBH8AAAEwDQYJKoZIhvcNAQELBQADggEBAEEXVnMzax6vmGPY
+TNNK6HJuN8xUUbEKVHKPDTwKbn2ZPQRGNOs4CJ5vVc1h2tU1mfgg20FZzPqZ+y9N
+hIFIaESTpX881NXM87aE21Gqo4rS66lubcoEUHWeY1+/LcdD6Gh/Ur0V4CBORZjA
+W/H1nASZQKQLMHIkriopbclMQPOsUYM11JxLsTH6hOPCJRM5cl1K1KsHWY2yJ656
+Gw9IX0NBTak0flEAL/JQkFlm2PRFJhWShPBHsC8/AWBcvgJH/0noNnDS5vAtCWa6
+rJO6SoHFJwWK3xCVU2YsC6No2DrAukyqEdN8arifJ/2hEjx1XAfockNsWzrT1mB5
+EpLq2L0=
-----END CERTIFICATE-----
diff --git a/test/fixtures/keys/selfsigned-no-keycertsign/https_renew_cert.sh b/test/fixtures/keys/selfsigned-no-keycertsign/https_renew_cert.sh
index 092f27a8867..c40046d83b4 100644..100755
--- a/test/fixtures/keys/selfsigned-no-keycertsign/https_renew_cert.sh
+++ b/test/fixtures/keys/selfsigned-no-keycertsign/https_renew_cert.sh
@@ -1,6 +1,13 @@
-#!/bin/bash
-openssl genrsa -out rsa.pem 2048
-openssl rsa -in rsa.pem -out key.pem
-openssl req -sha256 -new -key key.pem -out csr.pem -subj "/CN=localhost"
-openssl x509 -req -extfile cert.conf -extensions v3_req -days 365 -in csr.pem -signkey key.pem -out cert.pem
+#!/usr/bin/env bash
+set -euo pipefail
+shopt -s inherit_errexit
+cd -- "$(dirname -- "${BASH_SOURCE[0]}")"
+
+if [ ! -f key.pem ]; then
+ openssl genrsa -out key.pem 2048
+fi
+
+openssl req -sha256 -new -key key.pem -subj "/CN=localhost" | \
+ openssl x509 -req -extfile cert.conf -extensions v3_req -days 3650 -signkey key.pem -out cert.pem
+openssl x509 -in cert.pem -noout -text
generated by cgit v1.2.3 (git 2.25.1) at 2024-08-25 06:48:01 +0300