From 4885d2829406d5b871fb6bcb883fd89c1ec6d6d3 Mon Sep 17 00:00:00 2001
From: David Cermak <cermak@espressif.com>
Date: Mon, 7 Apr 2025 12:01:30 +0200
Subject: [PATCH] fix(asio): Fixed TLS server-client example failure per cert
 expiry

---
 .../examples/ssl_client_server/main/ca.crt    | 32 ++++++------
 .../main/regenerate_test_certs.sh             | 22 ++++++++
 .../ssl_client_server/main/server.key         | 50 +++++++++----------
 .../examples/ssl_client_server/main/srv.crt   | 30 +++++------
 4 files changed, 78 insertions(+), 56 deletions(-)
 create mode 100755 components/asio/examples/ssl_client_server/main/regenerate_test_certs.sh

diff --git a/components/asio/examples/ssl_client_server/main/ca.crt b/components/asio/examples/ssl_client_server/main/ca.crt
index 894f2959b..68c563e4a 100644
--- a/components/asio/examples/ssl_client_server/main/ca.crt
+++ b/components/asio/examples/ssl_client_server/main/ca.crt
@@ -1,22 +1,22 @@
 -----BEGIN CERTIFICATE-----
-MIIDkzCCAnugAwIBAgIUNI5wldYysh6rtCzYmda6H414aRswDQYJKoZIhvcNAQEL
+MIIDkzCCAnugAwIBAgIUb25LYOLubieEbKPQDiM+8T5p4yUwDQYJKoZIhvcNAQEL
 BQAwWTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoM
 GEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDESMBAGA1UEAwwJRXNwcmVzc2lmMB4X
-DTIwMDEyMTA5MDk0NloXDTI1MDEyMDA5MDk0NlowWTELMAkGA1UEBhMCQVUxEzAR
+DTI1MDQwNzA5NDkzOFoXDTQ1MDQwMjA5NDkzOFowWTELMAkGA1UEBhMCQVUxEzAR
 BgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5
 IEx0ZDESMBAGA1UEAwwJRXNwcmVzc2lmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
-MIIBCgKCAQEAyadSpRnIQBVbEAsbpkrKrOMlBOMIUmA8AfNyOYPLfv0Oa5lBiMAV
-3OQDu5tYyFYKwkCUqq65iAm50fPbSH71w1tkja6nZ1yAIM+TvpMlM/WiFGrhY+Tc
-kAcLcKUJyPxrv/glzoVslbqUgIhuhCSKA8uk1+ILcn3nWzPcbcowLx31+AHeZj8h
-bIAdj6vjqxMCFStp4IcA+ikmCk75LCN4vkkifdkebb/ZDNYCZZhpCBnCHyFAjPc4
-7C+FDVGT3/UUeeTy+Mtn+MqUAhB+W0sPDm1n2h59D4Z/MFm0hl6GQCAKeMJPzssU
-BBsRm6zoyPQ4VTqG0uwfNNbORyIfKONMUwIDAQABo1MwUTAdBgNVHQ4EFgQUGYLV
-EkgWzxjpltE6texha7zZVxowHwYDVR0jBBgwFoAUGYLVEkgWzxjpltE6texha7zZ
-VxowDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAb2EF4Zg2XWNb
-eZHnzupCDd9jAhwPqkt7F1OXvxJa/RFUSB9+2izGvikGGhuKY4f0iLuqF+bhExD9
-sapDcdFO2Suh4J3onbwEvmKvsv56K3xhapYg8WwPofpkVirnkwFjpQXGzrYxPujg
-BPmSy3psQrhvOr/WH7SefJv2qr4ikaugfE+3enY4PL+C1dSQAuNo1QGgWsZIu0c8
-TZybNZ13vNVMA+tgj2CM8FR3Etaabwtu3TTcAnO7aoBTix/bLBTuZoczhN8/MhG3
-GylmDzFI8a6aKxQL3Fi4PsM82hRKWu3gfs39sR1Ci4V22v8uO5EWBPK0QZvDSc1a
-KwwxI4zA0w==
+MIIBCgKCAQEArJsjwSNjPOBpTCRW+pIag9gJgRaNIjscea/ilRYRwAnqWKLNssNw
+Kye79KmQ5TxnOEvBIYjesArst1l7MghPLaELscCKo96jzCkSmgPLbxPs+5/E4daO
+9ItxOSH2mjOgG5yFQLEb8xOvsvWWrJAUBj6RBjhzgSYLYRbesWKAyVi9fxSuzfZm
+ROV0B2NsO1PlUDzweo9RYSuvpyNR3kddNnc6lJLXtZhf6IHczjFDFd5/PQuzLIO/
+Dbg+5AMpQykbMFhcQI/Y49GlMMXFDIaWjP+XfE/yUJ4GyYd2EzpDFDFMisnkuR9d
+LQgSXZNwygO8SIfYnnm1pwcGuG/fCQZYpQIDAQABo1MwUTAdBgNVHQ4EFgQUMTUG
+OZ7ujyz7oXSuhDgbpoPRo1cwHwYDVR0jBBgwFoAUMTUGOZ7ujyz7oXSuhDgbpoPR
+o1cwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAD5JwzRVEvnTK
+R2bfMNy60FmFNTOEEYP+XYoNGBiXVY3MRrWlfbY5Pbs4Nq7sCfzEWMj2UsjFmjZE
+DU6FdsaL6rhnps03MR5yiuE5w2aPiH/ijgzVfZtdLe6nKcnrv1YInjEKk+Y3qGu6
+2ZC+MEINPBfRiuN6gCAdxGiK81J4FPLlZImLO/g/0fSrIXCzBUzjoYRYjsy5AP60
+0kbaoGA/SshP0aeNvWB0wUab40idGXBFJ3vnEfMbLIMdc/uCqnzRpqK0m1DacwrI
+nTUMl0bI302Oa/gym+Ma0nJ1nVADcLKoZ1syWjyzIcl6zr+ITY5S+pbeO/geQgKh
+NSUkahX6MQ==
 -----END CERTIFICATE-----
diff --git a/components/asio/examples/ssl_client_server/main/regenerate_test_certs.sh b/components/asio/examples/ssl_client_server/main/regenerate_test_certs.sh
new file mode 100755
index 000000000..7c7cec5c9
--- /dev/null
+++ b/components/asio/examples/ssl_client_server/main/regenerate_test_certs.sh
@@ -0,0 +1,22 @@
+#!/bin/bash
+# This script generates self-signed certificates for testing purposes only.
+# DO NOT use these certificates in production environments.
+# These certificates are meant for development and testing of SSL/TLS functionality.
+
+# 1. Generate CA private key
+openssl genrsa -out ca.key 2048
+
+# 2. Generate CA certificate (validity: 20 years, CN=Espressif)
+openssl req -x509 -new -nodes -key ca.key -sha256 -days 7300 -out ca.crt -subj "/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd/CN=Espressif"
+
+# 3. Generate server private key
+openssl genrsa -out server.key 2048
+
+# 4. Generate server Certificate Signing Request (CSR)
+openssl req -new -key server.key -out server.csr -subj "/CN=localhost"
+
+# 5. Generate server certificate signed by CA (validity: 20 years)
+openssl x509 -req -in server.csr -CA ca.crt -CAkey ca.key -CAcreateserial -out srv.crt -days 7300 -sha256
+
+# 6. Clean up intermediate files
+rm server.csr ca.srl
diff --git a/components/asio/examples/ssl_client_server/main/server.key b/components/asio/examples/ssl_client_server/main/server.key
index 2a4d650ea..ad3b144d2 100644
--- a/components/asio/examples/ssl_client_server/main/server.key
+++ b/components/asio/examples/ssl_client_server/main/server.key
@@ -1,27 +1,27 @@
 -----BEGIN RSA PRIVATE KEY-----
-MIIEogIBAAKCAQEAlUCywNhVv4RO2y9h/XGKZ1azzk3jzHpSBzIGO9LoiA8trC/p
-1ykGaUfYPJllYK4HMhC4fUyE3J7tVL2Eskzl26LNPLbEoaBWZM9NhV3iA1/1EtOu
-p6umLx+y3sDfvK35YAOUbjdAlBfhnJ4r8h7oTsxl3J5jZ18zgjJnJi2NEFq/yTpO
-MiwHLWPjy25fDFixfV9UzSvbgt1JaGPmC7c4QkhHzjyp0+ikuvRIw0p9BBNeqBV2
-da3qBMB5FtodUJTAz6o6OKWbTalLjQi6C1H6z9TnY7IrJBUOy/FWkQH/sEsLdscD
-hHa1Dz2oT203QjhzyOSfnNF95D/1MdNcMt6l0wIDAQABAoIBAC1JJTOoMFRc48RT
-myrYQYNbZlEphv3q+2qdfhC2zMFDwbrmCtCy7PQSzYSNkpoEE8DYG/JAvmtmeWJl
-4pZrCK9ctWM/nWfhC3WpBL97nfEiM20T94F+bn0L5Cz8XqaULv839th+QUTt/hGU
-WIctY5VNJXcMQ+MAmtNdUbjex1d3iuxiKHUo4nDoZ8digKFNdtdP5B5nlMq5chCL
-mxNRcsGsx2dDAxbGUapdTVPWHPJKpLOBoSkluDsfd2KZADFU2R1SJpAX9+RYh3HM
-5FTUdHTUaISxbKkgeDKlEM0lqk2TtGUwCyEj098ewi7Wzsu9w60IplPPUJx5FRG6
-jp3wzLkCgYEAxKp5T20rf/7ysX7x053I7VCjDXUxAaWOEj1uS3AhOkl0NaZg7Di+
-y53fWNkcHdkt2n2LqMt/43UgMYq3TVVcq2eunPNF11e1bJw8CjDafwDs4omwwyVn
-lYhPuB4dK2OAib+vU5Zqpp0kZMoxk2MZVgon8z+s8DW/zmB6aFqAWeUCgYEAwkhC
-OgmXKMdjOCVy5t2f5UbY8Y9rV3w8eUATuJ47MMwLr4pGYnKoEn9JB4ltWrHv/u5S
-fOv3tIrrCEvnCoCbOILwCsY5LqTNXgqova8FB6RpMUQCzhDd8LHuvdHv0WMnMzX1
-3PKuqwh8JS55m4WqZRhzr5BFKG4fHPVs4IcaJVcCgYAzzCaJSdqUKqTnJOUydDNQ
-ddWMHNqccWs62J0tF0pZHLGT089hSAzQejMyJnSmU+Ykzr4y5e44DUg+ZCelIZ93
-saYmxlgVwI8THQ8fLADQRIEfpV4996MRmkZM2vmZzOo03Zyi6lIKsga82Rg3lnk8
-1Q3ynknBNpbfF0AGLhfyFQKBgBYlxJ73HutAJ5hr9HhLBYJOnEaVUehMOlycKGNg
-bmD2sdJWEgYBChXpurqIORYguLo4EuE4ySkkuPxeIr14wbkkfBbOWBBwKxUwY+IT
-xKAFZxR9q1AwbgyVTCEJgKw/AGX/HcMNS0omEnjunmBTUYRq0C1QZgHg490aQUor
-PJjLAoGAevzdTpFlVeuKeYh1oDubGO1LinyXpBv7fPFjl+zu4AVbjojcU6yC4OO6
-QvqopE6SyAECKy8kAOFcESPsGc9Lta2XUvI203z7pIVlNVEcJ0+90mQh3Mn1U46l
-sZ49PdRvNwNb5wvkh1UqNsMlGFbRlzMbIk45ou4311kCobowZek=
+MIIEpAIBAAKCAQEA1zQFgwUxyIteLl5SiciuRBZbn/3KWRmsVpyo5JiYCK9NM3Q8
+dDur/dyQ4y2Mq0RVuM7uZL7VraRA4F9+Tm8D2BJ8q4Ai3nRDiGQkFEfbvX0Wic6P
+P6q7lKm65fnYMvbWHqhMOglr8e4b7dMOFpZdNLRZVcoP4/43+/9dOgOj7TXczTFs
+jnlLJBijOnwABf/xlTpTR7ZbQ3uOlckc0TK/Lqxex+NUq4dXQKa96a/wpA6smW38
+0XU5hvVBmhA9YNK86CIpAVOny9gNM1Wxv+aAdVZigNNi6Hht75neC0DhFqGbfpMi
+nLhW8qGwVtY3T1pM8HrpdAu5plkdvmcDm8tUAwIDAQABAoIBADHwOHc29V58ONa5
+vJ2MnCPgrFJsKlCSzJMst2SUpHMfeuK9zmmKj1bRoC2XnFUB/oJsQpXOUveAbi2i
++0RoLpQtdhC2I2FLyYAU/OpX4n4OUPSZolQ74luVJ3HGkI0DCp0CoO220f3KK2D8
+4QAM1IQudayavyVBEOzBTXjw71FUCXmg0viBtd7JRSug9FR69PPLWP14uzo1viBA
+dtRsLePDyTatW+bfKkPwDG8hhJoummw+fYRPZbM05aWLmVvTiZ/eQtRq1jkwUNSH
+zXsJiCQbHLqwoXISiEsdagQM8hNW2bw5B+ijCQhWNj2ZZBZPJIRtI75sXiXGy2eC
+kDaP0cECgYEA8GpoGOyVZ+KMm7PVNcNbdLJrjpoNhdVXdGwR+yd3u6EoQ3MMD5tr
+4F7pFtN3IxwLoCSM/dnobysNFdKdQRnOB+o3uLADiPn9REM7ebuGUwUP3BWwkb7S
+orDVPUMA82A1p0T4Dwi+OAPpS5bUoI7S/6ZwheWTdoGZYjCrtsqkeEUCgYEA5Sc5
+sgLFWIqvYUQF/+aLAwjHR/bBD9NkvHgdW8GmgXdnEd0DIKHDpJ2yEK3BbQxVp/Kk
+O2KG1NGyJ9UqA9QQ3q5UgpZNHQBWxz2GUl0jHsy8enhgsZr4K2+wvuw5F5bCdXPe
+m/dyFIGnUJ7ic+DtvDGjXdcwAR8Cgc97m5Pg06cCgYEAgyjqBb78e6KDJ2biyOP9
+fxrfxvqQqhUMEz3qSWTs03ZGaxXW3KTkI5JkA8n2Uzc3uHR4Xv2E6zFHgEJY/G1B
+k9vZ7m5IX3BTFezAA9eknqJCVsWWgMzkSVHD5Bor6JryaoEb+8e/TvwDSPPOqJGC
+12pMNSBcZOirb4AyDhVbySkCgYB3Lu2dHj/SC1+oMR8Ft7y5eUlcroQ/XO1Z8Qck
+ABY/5ABhlBfaUwhUiAhjEFw4AWBTl6m/kUEbU21btkzB7PxRNU6TFOVKnjCENAW2
+tOZdUJL/B7kS5s0ImnDM/EO9dxXwzLENYaed7sk870ZMisJbTV3wosk+7Af7yBQ8
+GK+opQKBgQCdZy3KX2FT8S/K2SjDuRM8uDzJ+IcaqScDhgbJFMlrbWmTSML69oRD
+Ic6xVe5hWkkPIs521gwrQSD5E3dbb2dFmjhUZpZkHdv0u/AUupFN0EaCFb/I2A0P
+fRebd9oKoZjlUrEPeID0kjzbmnPGbtG+gFZYmkRb5iLdcCVAn0O1AQ==
 -----END RSA PRIVATE KEY-----
diff --git a/components/asio/examples/ssl_client_server/main/srv.crt b/components/asio/examples/ssl_client_server/main/srv.crt
index 29bfa1664..84c0032a8 100644
--- a/components/asio/examples/ssl_client_server/main/srv.crt
+++ b/components/asio/examples/ssl_client_server/main/srv.crt
@@ -1,18 +1,18 @@
 -----BEGIN CERTIFICATE-----
-MIIC9DCCAdwCFA1lSIcHwYKdB2UqOrZxZnVgPObTMA0GCSqGSIb3DQEBCwUAMFkx
+MIIC9DCCAdwCFHNjaiCN2RT7W7NHXho8HlgxdAygMA0GCSqGSIb3DQEBCwUAMFkx
 CzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRl
-cm5ldCBXaWRnaXRzIFB0eSBMdGQxEjAQBgNVBAMMCUVzcHJlc3NpZjAeFw0yMDA2
-MTIwNjA0MTNaFw0yMjA2MDIwNjA0MTNaMBQxEjAQBgNVBAMMCWxvY2FsaG9zdDCC
-ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJVAssDYVb+ETtsvYf1ximdW
-s85N48x6UgcyBjvS6IgPLawv6dcpBmlH2DyZZWCuBzIQuH1MhNye7VS9hLJM5dui
-zTy2xKGgVmTPTYVd4gNf9RLTrqerpi8fst7A37yt+WADlG43QJQX4ZyeK/Ie6E7M
-ZdyeY2dfM4IyZyYtjRBav8k6TjIsBy1j48tuXwxYsX1fVM0r24LdSWhj5gu3OEJI
-R848qdPopLr0SMNKfQQTXqgVdnWt6gTAeRbaHVCUwM+qOjilm02pS40IugtR+s/U
-52OyKyQVDsvxVpEB/7BLC3bHA4R2tQ89qE9tN0I4c8jkn5zRfeQ/9THTXDLepdMC
-AwEAATANBgkqhkiG9w0BAQsFAAOCAQEAnMYGW+idt37bEE4WPgrRorKWuplR+zHD
-wJFz53DQzyIZJHmJ2hR5U0jNcHy/nMq7tbdz9LZPrVF4lZJ3TJhnmkOKjMFPCQE8
-YcmsP3il6eXgtGqg53InOi/uJqEQ9TfM54cbpp6xKbnmpwk4uprISBRQt7u2ZLk2
-40ED6zgjFPDTYmSjSpb2AN6KUB6PflgVs+4p9ViHNq4U3AlYV/BM0+3G4aMX2wNl
-ZIpQfOyuaYD5MU50mY+O+gDiiypkpYf6a6S4YJ1sMbavDsP7bW5UMnP0jKYR549q
-5hF1fdkXq52DfJ9ya2kl3mANFkKssQV+1KCBMxGoeqfakmJfa03xXA==
+cm5ldCBXaWRnaXRzIFB0eSBMdGQxEjAQBgNVBAMMCUVzcHJlc3NpZjAeFw0yNTA0
+MDcwOTQ5MzhaFw00NTA0MDIwOTQ5MzhaMBQxEjAQBgNVBAMMCWxvY2FsaG9zdDCC
+ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANc0BYMFMciLXi5eUonIrkQW
+W5/9ylkZrFacqOSYmAivTTN0PHQ7q/3ckOMtjKtEVbjO7mS+1a2kQOBffk5vA9gS
+fKuAIt50Q4hkJBRH2719FonOjz+qu5SpuuX52DL21h6oTDoJa/HuG+3TDhaWXTS0
+WVXKD+P+N/v/XToDo+013M0xbI55SyQYozp8AAX/8ZU6U0e2W0N7jpXJHNEyvy6s
+XsfjVKuHV0Cmvemv8KQOrJlt/NF1OYb1QZoQPWDSvOgiKQFTp8vYDTNVsb/mgHVW
+YoDTYuh4be+Z3gtA4Rahm36TIpy4VvKhsFbWN09aTPB66XQLuaZZHb5nA5vLVAMC
+AwEAATANBgkqhkiG9w0BAQsFAAOCAQEAoiuycWVVjmS9IMS1n9ll8UlIqq8dl7vs
+Y5ckGMrdSGR8BPgloTrB6ual4vRPgbn2rGBGAvGusdcmhc1vkVbYsI3JRpTTDDoE
+PvQqHWXwV2RDRU5kG6ZOsU+o01Ir4b3w3qfP2LT20FCuuAMIMh23PsSmoc7ziFZ8
+76+ox6FjhJMPMF2aftiDmP44/fFg16C1t2PFH/Bk4sm4qRdpXVcWeiaHaSF9JkHa
+XwW3TuDSxJwlFFU7ffTRgYYkQ61q8B0LjWV4FF1dBBqflAiXEhWcVhljqfsWn7rq
+NBJ/QzZ3GhgQO9GOCokh/ckcp/ZMOm9tv9lV2huGz8Akk8/UYhMUEg==
 -----END CERTIFICATE-----