History log of /curl/tests/certs/Server-localhost.nn-sv.pem (Results 1 – 10 of 10)
Revision (<<< Hide revision tags) (Show revision tags >>>) Date Author Comments
# 1ccdad64 27-Jun-2024 Viktor Szakats

CI: add whitespace checker

Fix issues detected.

Also:

- One of the `.vc` files used LF EOLs, while the other didn't.
Make that one also use LF EOLs, as this is appare

CI: add whitespace checker

Fix issues detected.

Also:

- One of the `.vc` files used LF EOLs, while the other didn't.
Make that one also use LF EOLs, as this is apparently supported by
`nmake`.

- Drop `.dsw` and `.btn` types from `.gitattributes`.
The repository doesn't use them.

- Sync section order with the rest of files in
`tests/certs/EdelCurlRoot-ca.prm`.

- Indent/align `.prm` and `.pem` files.

- Delete dummy `[something]` section from `.prm` and `.pem` files.

Mental note:
MSVC `.sln` files seem to accept spaces for indentation and also support
LF line-endings. I cannot test this and I don't know what's more
convenient when updating them, so left them as-is, with specific
exclusions.

Closes #14031

show more ...


# ef07452a 23-Dec-2022 Paul Howarth

tests: avoid use of sha1 in certificates

The SHA-1 algorithm is deprecated (particularly for security-sensitive
applications) in a variety of OS environments. This already affects
RH

tests: avoid use of sha1 in certificates

The SHA-1 algorithm is deprecated (particularly for security-sensitive
applications) in a variety of OS environments. This already affects
RHEL-9 and derivatives, which are not willing to use certificates using
that algorithm. The fix is to use sha256 instead, which is already used
for most of the other certificates in the test suite.

Fixes #10135

This gets rid of issues related to sha1 signatures.

Manual steps after "make clean-certs" and "make build-certs":

- Copy tests/certs/stunnel-sv.pem to tests/stunnel.pem
(make clean-certs does not remove the original tests/stunnel.pem)

- Copy tests/certs/Server-localhost-sv.pubkey-pinned into --pinnedpubkey
options of tests/data/test2041 and tests/data/test2087

Closes #10153

show more ...


# f7029718 25-Nov-2022 Stefan Eissing

tests: add authorityInfoAccess to generated certs

Generate stunnel.pem as well

Closes #9980


Revision tags: curl-7_76_1, curl-7_76_0, curl-7_75_0, curl-7_74_0, curl-7_73_0, tiny-curl-7_72_0, curl-7_72_0, curl-7_71_1, curl-7_71_0, curl-7_70_0, curl-7_69_1, curl-7_69_0, curl-7_68_0, curl-7_67_0, curl-7_66_0, curl-7_65_3, curl-7_65_2, curl-7_65_1, curl-7_65_0, curl-7_64_1, curl-7_64_0, curl-7_63_0, curl-7_62_0
# ba782baa 19-Sep-2018 Daniel Stenberg

certs: generate tests certs with sha256 digest algorithm

As OpenSSL 1.1.1 starts to complain and fail on sha1 CAs:

"SSL certificate problem: CA signature digest algorithm too weak"

certs: generate tests certs with sha256 digest algorithm

As OpenSSL 1.1.1 starts to complain and fail on sha1 CAs:

"SSL certificate problem: CA signature digest algorithm too weak"

Closes #3014

show more ...


# 92f9db17 10-Sep-2018 Yiming Jing

tests/certs: rebuild certs with 2048-bit RSA keys

The previous test certificates contained RSA keys of only 1024 bits.
However, RSA claims that 1024-bit RSA keys are likely to become

tests/certs: rebuild certs with 2048-bit RSA keys

The previous test certificates contained RSA keys of only 1024 bits.
However, RSA claims that 1024-bit RSA keys are likely to become
crackable some time before 2010. The NIST recommends at least 2048-bit
keys for RSA for now.

Better use full 2048 also for testing.

Closes #2973

show more ...


Revision tags: curl-7_61_1, curl-7_61_0, curl-7_60_0, curl-7_59_0, curl-7_58_0, curl-7_57_0, curl-7_56_1, curl-7_56_0, curl-7_55_1, curl-7_55_0, curl-7_54_1, curl-7_54_0
# f7df67cf 26-Mar-2017 klemens

spelling fixes

Closes #1356


Revision tags: curl-7_53_1, curl-7_53_0, curl-7_52_1, curl-7_52_0, curl-7_51_0, curl-7_50_3, curl-7_50_2, curl-7_50_1, curl-7_50_0, curl-7_49_1, curl-7_49_0, curl-7_48_0, curl-7_47_1, curl-7_47_0, curl-7_46_0, curl-7_45_0, curl-7_44_0, curl-7_43_0, curl-7_42_1, curl-7_42_0
# f9251a5c 21-Mar-2015 Dan Fandrich

tests/certs: rebuild certificates with modified key usage bits

The certificates were missing the digitalSignature and keyAgreement
usage types, of which at least digitalSignature was che

tests/certs: rebuild certificates with modified key usage bits

The certificates were missing the digitalSignature and keyAgreement
usage types, of which at least digitalSignature was checked by CyaSSL.
This caused the test server in test 310 (among others) to fail the
startup verification and therefore run (see
http://curl.haxx.se/mail/lib-2014-07/0303.html).

show more ...


Revision tags: curl-7_41_0, curl-7_40_0, curl-7_39_0, curl-7_38_0, curl-7_37_1, curl-7_37_0, curl-7_36_0, curl-7_35_0, curl-7_34_0, curl-7_33_0, curl-7_32_0, curl-7_31_0, curl-7_30_0, curl-7_29_0, curl-7_28_1, curl-7_28_0, curl-7_27_0, curl-7_26_0, curl-7_25_0, curl-7_24_0, curl-7_23_1, curl-7_23_0, curl-7_22_0, curl-7_21_7, curl-7_21_6, curl-7_21_5, curl-7_21_4, curl-7_21_3, curl-7_21_2, curl-7_21_1, curl-7_21_0
# 99179da4 27-May-2010 Kamil Dudka

tests/certs: re-generated because of lost pass-phrase


Revision tags: curl-7_20_1, curl-7_20_0
# 4d922545 28-Nov-2009 Yang Tse

- Added Diffie-Hellman parameters to several test harness certificate files in
PEM format. Required by several stunnel versions used by our test harness.


Revision tags: curl-7_19_7, curl-7_19_6
# e73fe837 11-Aug-2009 Daniel Stenberg

- Peter Sylvester made the HTTPS test server use specific certificates for
each test, so that the test suite can now be used to actually test the
verification of cert names etc. This made

- Peter Sylvester made the HTTPS test server use specific certificates for
each test, so that the test suite can now be used to actually test the
verification of cert names etc. This made an error show up in the OpenSSL-
specific code where it would attempt to match the CN field even if a
subjectAltName exists that doesn't match. This is now fixed and verified
in test 311.

show more ...