Add client-absolute-urn.pem to renewcerts.sh

This commit is contained in:
Kareem
2023-03-16 16:14:08 -07:00
parent cc51b2d52e
commit 5b08b016af
2 changed files with 28 additions and 0 deletions

View File

@ -24,6 +24,7 @@
# test/digsigku.pem
# ecc-privOnlyCert.pem
# client-uri-cert.pem
# client-absolute-uri.pem
# client-relative-uri.pem
# client-crl-dist.pem
# entity-no-ca-bool-cert.pem
@ -112,6 +113,26 @@ run_renewcerts(){
#openssl ec -inform pem -in certs/ecc-key.pem -outform der -out certs/ecc-keyPub.der -pubout
openssl ec -inform pem -in certs/ecc-key.pem -outform pem -out certs/ecc-keyPub.pem -pubout
############################################################
#### update the self-signed (2048-bit) client-absolute-urn.pem
############################################################
echo "Updating 2048-bit client-absolute-urn.pem"
echo ""
#pipe the following arguments to openssl req...
echo -e "US\\nMontana\\nBozeman\\nwolfSSL_2048\\nABSOLUTE_URN\\nwww.wolfssl.com\\ninfo@wolfssl.com\\n.\\n.\\n" | openssl req -new -key client-key.pem -config ./wolfssl.cnf -nodes -out client-cert.csr
check_result $? "Step 1"
openssl x509 -req -in client-cert.csr -days 1000 -extfile wolfssl.cnf -extensions absolute_urn -signkey client-key.pem -out client-absolute-urn.pem
check_result $? "Step 2"
rm client-cert.csr
openssl x509 -in client-absolute-urn.pem -text > tmp.pem
check_result $? "Step 3"
mv tmp.pem client-absolute-urn.pem
echo "End of section"
echo "---------------------------------------------------------------------"
############################################################
#### update the self-signed (2048-bit) client-relative-uri.pem
############################################################

View File

@ -296,6 +296,13 @@ authorityKeyIdentifier=keyid:always,issuer:always
basicConstraints=CA:false
subjectAltName=URI:https://www.wolfssl.com
# test parsing absolute URN
[ absolute_urn ]
subjectKeyIdentifier=hash
authorityKeyIdentifier=keyid:always,issuer:always
basicConstraints=CA:false
subjectAltName=URI:urn:example:test
# test parsing relative URI
[ relative_uri ]
subjectKeyIdentifier=hash