Skip to content

Commit 0aaa4bf

Browse files
author
Martin Panter
committed
Issue #25940: Set "basic constraints" CA flag in self-signed certificate
This should allow test_ssl to switch from testing https://svn.python.org to https://self-signed.pythontest.net. The serial number of the certificate was also incremented, to stop Firefox from complaining and to keep it unique. Commands used to modify the certificate: openssl x509 < tls/self-signed-cert.pem \ -x509toreq -signkey tls/self-signed-key.pem > req.pem cat <<'CONFIG' > config [x509_extensions] subjectAltName = DNS:self-signed.pythontest.net basicConstraints = CA:true [ ca ] default_ca = CA_default [ CA_default ] database = index.txt default_md = sha1 default_days = 3 certificate = tls/self-signed-cert.pem private_key = tls/self-signed-key.pem serial = serial policy = policy_anything default_startdate = 141102180929Z default_enddate = 241030180929Z [ policy_anything ] countryName = optional localityName = optional organizationName = optional commonName = optional CONFIG : > index.txt echo A194F79c0A47CA53 > serial openssl ca -config config -outdir . -notext \ -batch -extensions x509_extensions -infiles req.pem mv A194F79C0A47CA53.pem tls/self-signed-cert.pem
1 parent 28ca47a commit 0aaa4bf

File tree

1 file changed

+6
-6
lines changed

1 file changed

+6
-6
lines changed

tls/self-signed-cert.pem

Lines changed: 6 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,5 @@
11
-----BEGIN CERTIFICATE-----
2-
MIIChzCCAfCgAwIBAgIJAKGU95wKR8pSMA0GCSqGSIb3DQEBBQUAMHAxCzAJBgNV
2+
MIIClTCCAf6gAwIBAgIJAKGU95wKR8pTMA0GCSqGSIb3DQEBBQUAMHAxCzAJBgNV
33
BAYTAlhZMRcwFQYDVQQHDA5DYXN0bGUgQW50aHJheDEjMCEGA1UECgwaUHl0aG9u
44
IFNvZnR3YXJlIEZvdW5kYXRpb24xIzAhBgNVBAMMGnNlbGYtc2lnbmVkLnB5dGhv
55
bnRlc3QubmV0MB4XDTE0MTEwMjE4MDkyOVoXDTI0MTAzMDE4MDkyOVowcDELMAkG
@@ -8,9 +8,9 @@ b24gU29mdHdhcmUgRm91bmRhdGlvbjEjMCEGA1UEAwwac2VsZi1zaWduZWQucHl0
88
aG9udGVzdC5uZXQwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANDXQXW9tjyZ
99
Xt0Iv2tLL1+jinr4wGg36ioLDLFkMf+2Y1GL0v0BnKYG4N1OKlAU15LXGeGer8vm
1010
Sv/yIvmdrELvhAbbo3w4a9TMYQA4XkIVLdvu3mvNOAet+8PMJxn26dbDhG809ALv
11-
EHY57lQsBS3G59RZyBPVqAqmImWNJnVzAgMBAAGjKTAnMCUGA1UdEQQeMByCGnNl
12-
bGYtc2lnbmVkLnB5dGhvbnRlc3QubmV0MA0GCSqGSIb3DQEBBQUAA4GBAIOXmdtM
13-
eG9qzP9TiXW/Gc/zI4cBfdCpC+Y4gOfC9bQUC7hefix4iO3+iZjgy3X/FaRxUUoV
14-
HKiXcXIaWqTSUWp45cSh0MbwZXudp6JIAptzdAhvvCrPKeC9i9GvxsPD4LtDAL97
15-
vSaxQBezA7hdxZd90/EeyMgVZgAnTCnvAWX9
11+
EHY57lQsBS3G59RZyBPVqAqmImWNJnVzAgMBAAGjNzA1MCUGA1UdEQQeMByCGnNl
12+
bGYtc2lnbmVkLnB5dGhvbnRlc3QubmV0MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcN
13+
AQEFBQADgYEAIuzAhgMouJpNdf3URCHIineyoSt6WK/9+eyUcjlKOrDoXNZaD72h
14+
TXMeKYoWvJyVcSLKL8ckPtDobgP2OTt0UkyAaj0n+ZHaqq1lH2yVfGUA1ILJv515
15+
C8BqbvVZuqm3i7ygmw3bqE/lYMgOrYtXXnqOrz6nvsE6Yc9V9rFflOM=
1616
-----END CERTIFICATE-----

0 commit comments

Comments
 (0)