diff options
author | Karen Arutyunov <karen@codesynthesis.com> | 2016-04-14 17:59:24 +0300 |
---|---|---|
committer | Karen Arutyunov <karen@codesynthesis.com> | 2016-05-04 20:47:45 +0300 |
commit | b13332c991ce2695626eaca367dd8208b174c9ca (patch) | |
tree | 809dc321b47d5ef9c72935637f94bf5b84ed640d /tests/cert.sh | |
parent | c9831f760a83e36a3a2ac84b1bd3f573e47ef195 (diff) |
Add support for repository authentication
Diffstat (limited to 'tests/cert.sh')
-rwxr-xr-x | tests/cert.sh | 46 |
1 files changed, 46 insertions, 0 deletions
diff --git a/tests/cert.sh b/tests/cert.sh new file mode 100755 index 0000000..156f588 --- /dev/null +++ b/tests/cert.sh @@ -0,0 +1,46 @@ +#! /bin/sh + +# Normally, you don't need to regenerate the private key. +# +# openssl genrsa 4096 > key.pem + +# Copy default-cert.pem content to the certificate value of the following +# manifest files: +# pkg/1/build2.org/auth/mismatched/signature/repositories +# pkg/1/build2.org/auth/mismatched/sha256sum/repositories +# pkg/1/build2.org/auth/signed/repositories +# pkg/1/build2.org/common/hello/repositories +# +openssl req -x509 -new -key key.pem -days 365 -config default-openssl.cnf > \ + default-cert.pem + +# Copy mismatch-cert.pem content to the certificate value of +# pkg/1/build2.org/auth/mismatched/name/repositories manifest file. +# +openssl req -x509 -new -key key.pem -days 365 -config mismatch-openssl.cnf > \ + mismatch-cert.pem + +# Copy noemail-cert.pem content to the certificate value of +# pkg/1/faulty/auth/noemail/repositories manifest file. +# +openssl req -x509 -new -key key.pem -days 365 -config noemail-openssl.cnf > \ + noemail-cert.pem + +# Normally, you have no reason to regenerate expired-cert.pem, as need to keep +# it expired for the testing purposes. But if you do, copy expired-cert.pem +# content to the certificate value of the following manifest files: +# pkg/1/build2.org/auth/expired/repositories +# pkg/1/faulty/auth/expired/repositories +# +# To regenerate the packages and signature manifest files run: +# +# ../bpkg/bpkg rep-create pkg/1/build2.org/auth/expired --key key.pem +# +# We cannot do it in test.sh since the certificate has expired. This is also +# the reason why we store these auto-generated manifests in git. +# +# Will have to wait 1 day until the certificate expires. Until then test.sh +# will be failing. +# +# openssl req -x509 -new -key key.pem -days 1 -config default-openssl.cnf > \ +# expired-cert.pem |