Skip to content

Commit 6614f98

Browse files
gowthamsk-armtgonzalezorlandoarm
gowthamsk-arm
authored and
tgonzalezorlandoarm
committed
tests: Minor modifications to setup_tls.sh
* Shorten private key file names for cleaner formatting * Give proper CN fields for various certificates * Generate certificates with expiry periods Signed-off-by: Gowtham Suresh Kumar <gowtham.sureshkumar@arm.com>
1 parent 7afcdc5 commit 6614f98

File tree

1 file changed

+11
-11
lines changed

1 file changed

+11
-11
lines changed

tests/setup_tls.sh

Lines changed: 11 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -13,17 +13,17 @@
1313
generate_ca_certs() {
1414
CA_DIRECTORY=$1
1515
CA_CERTIFICATE=${CA_DIRECTORY}/ca_cert.pem
16-
CA_PRIV_KEY=${CA_DIRECTORY}/ca_private_key.pem
16+
CA_PRIV_KEY=${CA_DIRECTORY}/ca_priv_key.pem
1717

1818
# Generate a self signed certificate for the CA along with a key.
1919
if [ ! -f "${CA_CERTIFICATE}" ]; then
2020
mkdir -p "${CA_DIRECTORY}"
2121
chmod 700 "${CA_DIRECTORY}"
2222

23-
openssl req -x509 -nodes -newkey rsa:2048 \
23+
openssl req -x509 -nodes -days 1000 -newkey rsa:2048 \
2424
-keyout "${CA_PRIV_KEY}" \
2525
-out "${CA_CERTIFICATE}" \
26-
-subj "/C=UK/ST=Parsec /L=Parsec/O=Parsec/CN=parsec.com" > /dev/null 2>&1
26+
-subj "/C=UK/ST=Parsec /L=Parsec/O=Parsec/CN=parsec_ca.com" > /dev/null 2>&1
2727

2828
if [ $? -ne 0 ]; then
2929
echo "FAILED"
@@ -43,11 +43,11 @@ generate_server_certs() {
4343
SERVER_DIRECTORY=$1
4444
SERVER_CERTIFICATE=${SERVER_DIRECTORY}/server_cert.pem
4545
SERVER_CSR=${SERVER_DIRECTORY}/server_cert.csr
46-
SERVER_PRIV_KEY=${SERVER_DIRECTORY}/server_private_key.pem
46+
SERVER_PRIV_KEY=${SERVER_DIRECTORY}/server_priv_key.pem
4747

4848
CA_DIRECTORY=$2
4949
CA_CERTIFICATE=${CA_DIRECTORY}/ca_cert.pem
50-
CA_PRIV_KEY=${CA_DIRECTORY}/ca_private_key.pem
50+
CA_PRIV_KEY=${CA_DIRECTORY}/ca_priv_key.pem
5151

5252
if [ ! -f "${SERVER_CSR}" ]; then
5353
mkdir -p "${SERVER_DIRECTORY}" > /dev/null 2>&1
@@ -64,14 +64,14 @@ generate_server_certs() {
6464
openssl req -new \
6565
-key "${SERVER_PRIV_KEY}" \
6666
-out "${SERVER_CSR}" \
67-
-subj "/C=UK/ST=Parsec /L=Parsec/O=Parsec/CN=parsec.com" > /dev/null 2>&1
67+
-subj "/C=UK/ST=Parsec /L=Parsec/O=Parsec/CN=parsec_server.com" > /dev/null 2>&1
6868
if [ $? -ne 0 ]; then
6969
echo "FAILED TO GENERATE CERTIFICATE REQUEST"
7070
exit 1
7171
fi
7272

7373
# Generate certificate
74-
openssl x509 -req -in "${SERVER_CSR}" \
74+
openssl x509 -req -days 1000 -in "${SERVER_CSR}" \
7575
-CA "${CA_CERTIFICATE}" -CAkey "${CA_PRIV_KEY}" \
7676
-CAcreateserial -out "${SERVER_CERTIFICATE}" > /dev/null 2>&1
7777
if [ $? -ne 0 ]; then
@@ -95,11 +95,11 @@ generate_client_certs() {
9595
CLIENT_DIRECTORY=$1
9696
CLIENT_CERTIFICATE=${CLIENT_DIRECTORY}/client_cert.pem
9797
CLIENT_CSR=${CLIENT_DIRECTORY}/client_cert.csr
98-
CLIENT_PRIV_KEY=${CLIENT_DIRECTORY}/client_private_key.pem
98+
CLIENT_PRIV_KEY=${CLIENT_DIRECTORY}/client_priv_key.pem
9999

100100
CA_DIRECTORY=$2
101101
CA_CERTIFICATE=${CA_DIRECTORY}/ca_cert.pem
102-
CA_PRIV_KEY=${CA_DIRECTORY}/ca_private_key.pem
102+
CA_PRIV_KEY=${CA_DIRECTORY}/ca_priv_key.pem
103103

104104
if [ ! -f "${CLIENT_CSR}" ]; then
105105
mkdir -p "${CLIENT_DIRECTORY}" > /dev/null 2>&1
@@ -116,14 +116,14 @@ generate_client_certs() {
116116
openssl req -new \
117117
-key "${CLIENT_PRIV_KEY}" \
118118
-out "${CLIENT_CSR}" \
119-
-subj "/C=UK/ST=Parsec /L=Parsec/O=Parsec/CN=parsec.com" > /dev/null 2>&1
119+
-subj "/C=UK/ST=Parsec /L=Parsec/O=Parsec/CN=parsec_client.com" > /dev/null 2>&1
120120
if [ $? -ne 0 ]; then
121121
echo "FAILED TO GENERATE CERTIFICATE REQUEST"
122122
exit 1
123123
fi
124124

125125
# Generate certificate
126-
openssl x509 -req -in "${CLIENT_CSR}" \
126+
openssl x509 -req -days 1000 -in "${CLIENT_CSR}" \
127127
-CA "${CA_CERTIFICATE}" -CAkey "${CA_PRIV_KEY}" \
128128
-CAcreateserial -out "${CLIENT_CERTIFICATE}" > /dev/null 2>&1
129129
if [ $? -ne 0 ]; then

0 commit comments

Comments
 (0)