pydtls/dtls/test/makecerts

#!/bin/bash -eu

##############################################################################
#
# Generate Certificates for PyDTLS Unit Testing
#
# This script is invoked manually (as opposed to by the unit test suite), in
# order to generate certain certificates that are required to be valid by
# the unit test suite.
#
# This script is not portable: it has been tested on Ubuntu 13.04 only. New
# certificates are written into the current directory.
#
# Copyright 2014 Ray Brown
#
##############################################################################

DIR=`dirname "$0"`

# Generate self-signed certificate for the certificate authority
echo Generating CA...; echo
openssl req -config "$DIR/openssl_ca.cnf" -x509 -newkey rsa -nodes -keyout tmp_ca.key -out ca-cert.pem -days 3650

# Generate a certificate request
echo Generating certificate request...; echo
openssl req -config "$DIR/openssl_server.cnf" -newkey rsa -nodes -keyout tmp_server.key -out tmp_server.req

# Sign the request with the certificate authority's certificate created above
echo Signing certificate request...; echo
openssl x509 -req -in tmp_server.req -CA ca-cert.pem -CAkey tmp_ca.key -CAcreateserial -days 3650 -out server-cert.pem

# Build pem file with private and public keys, ready for unprompted server use
cat tmp_server.key server-cert.pem > keycert.pem

# Clean up
rm tmp_ca.key tmp_server.key tmp_server.req ca-cert.srl
First Stable Release The version number is incremented to 1.0.0. Thanks to doneir for reporting that a number of unit test were failing. This was because two test certificates had expired. This commit replaces these with updated certificates, along with the tool used for programmatic certificate generation. The new certificates are set to remain valid for approximately ten years. 2014-01-19 06:02:25 +04:00			`#!/bin/bash -eu`

			`##############################################################################`
			`#`
			`# Generate Certificates for PyDTLS Unit Testing`
			`#`
			`# This script is invoked manually (as opposed to by the unit test suite), in`
			`# order to generate certain certificates that are required to be valid by`
			`# the unit test suite.`
			`#`
			`# This script is not portable: it has been tested on Ubuntu 13.04 only. New`
			`# certificates are written into the current directory.`
			`#`
			`# Copyright 2014 Ray Brown`
			`#`
			`##############################################################################`

			DIR=`dirname "$0"`

			`# Generate self-signed certificate for the certificate authority`
			`echo Generating CA...; echo`
			`openssl req -config "$DIR/openssl_ca.cnf" -x509 -newkey rsa -nodes -keyout tmp_ca.key -out ca-cert.pem -days 3650`

			`# Generate a certificate request`
			`echo Generating certificate request...; echo`
			`openssl req -config "$DIR/openssl_server.cnf" -newkey rsa -nodes -keyout tmp_server.key -out tmp_server.req`

			`# Sign the request with the certificate authority's certificate created above`
			`echo Signing certificate request...; echo`
			`openssl x509 -req -in tmp_server.req -CA ca-cert.pem -CAkey tmp_ca.key -CAcreateserial -days 3650 -out server-cert.pem`

			`# Build pem file with private and public keys, ready for unprompted server use`
			`cat tmp_server.key server-cert.pem > keycert.pem`

			`# Clean up`
			`rm tmp_ca.key tmp_server.key tmp_server.req ca-cert.srl`