[Swan-dev] generating x509 certificates
Andrew Cagney
andrew.cagney at gmail.com
Tue Feb 3 17:25:45 EET 2015
Does:
- purging the shell script
- tweaking the "make check" so it depends on those certs and will generate them
seem reasonable?
Andrew
Who wishes the code to boot/run commands on a client (in swantest) was
available as a separate script - I could then use the test machine's
version of openssl.
On 3 February 2015 at 10:15, Paul Wouters <paul at nohats.ca> wrote:
> On Tue, 3 Feb 2015, Andrew Cagney wrote:
>
>> I've hit a few problems when trying to run the tests that require
>> certificates. The main one is that the script dist_certs fails as
>> openssl (Fedora release 20 (Heisenbug) at least) doesn't like
>> generating the bad certificate:
>>
>> The organizationName field needed to be the same in the
>> CA certificate (Libreswan) and the request (Traitors Inc)
>>
>> Look for the command:
>>
>> openssl ca -batch -in reqs/wrongdnorg.req -startdate ...
>>
>> Perhaps I'm instead meant to run dist_certs.py? This, however, lends
>> itself to the other problem: dist_certs (not dist_certs.py) is run by
>> testing/libvirt/install.sh. The script (which ever it is) should be
>> run as part of pluto's make check.
>
>
> The python replaced the old shell script.
>
> Paul
More information about the Swan-dev
mailing list