Mercurial > hg

view tests/sslcerts/README @ 29406:c2193e59ef9f

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
revsets: passing a set to baseset() is not wrong Since 69c6e9623bdc (revset: force ascending order for baseset initialized from a set, 2016-04-04), it is safe to pass a revset to a baseset.
author Martin von Zweigbergk <martinvonz@google.com>
date Thu, 23 Jun 2016 12:39:05 -0700
parents 1e02d9576194
children 9d02bed8477b
line wrap: on
line source

Certificates created with:
 printf '.\n.\n.\n.\n.\nlocalhost\nhg@localhost\n' | \
 openssl req -newkey rsa:512 -keyout priv.pem -nodes -x509 -days 9000 -out pub.pem
Can be dumped with:
 openssl x509 -in pub.pem -text

 - priv.pem
 - pub.pem
 - pub-other.pem

pub.pem patched with other notBefore / notAfter:

 - pub-not-yet.pem
 - pub-expired.pem

Client certificates created with:
 openssl genrsa -aes128 -passout pass:1234 -out client-key.pem 512
 openssl rsa -in client-key.pem -passin pass:1234 -out client-key-decrypted.pem
 printf '.\n.\n.\n.\n.\n.\nhg-client@localhost\n.\n.\n' | \
 openssl req -new -key client-key.pem -passin pass:1234 -out client-csr.pem
 openssl x509 -req -days 9000 -in client-csr.pem -CA pub.pem -CAkey priv.pem \
 -set_serial 01 -out client-cert.pem

 - client-key.pem
 - client-key-decrypted.pem
 - client-cert.pem