Commit graph

4 commits

Author SHA1 Message Date
Gilles Peskine da118e130d Regenerate test client certificates with a PrintableString issuer
The test certificate used for clients in compat.sh, cert_sha256.crt,
had the issuer ON and CN encoded as UTF8String, but the corresponding
CA certificate test-ca_cat12.crt had them encoded as PrintableString.
The strings matched, which is sufficient according to RFC 5280 §7.1
and RFC 4518 §2.1. However, GnuTLS 3.4.10 requires the strings to have
the same encoding, so it did not accept that the certificate issued by
UTF8String "PolarSSL Test CA" was validly issued by the
PrintableString "PolarSSL Test CA" CA.

ebc1f40aa0, merged via
https://github.com/ARMmbed/mbedtls/pull/1641 and released in Mbed TLS
2.14, updated these certificates.
4f928c0f37 merged, via
https://github.com/ARMmbed/mbedtls/pull/2418 fixed this in the 2.7 LTS
branch for the SHA-1 certificate which was used at the time. The
present commit applies the same fix for the SHA-256 certificate that
is now in use.

For uniformity, this commit regenerates all the cert_*.crt.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-08-21 19:15:51 +02:00
Ron Eldor 3936a0296d Update certificates to expire in 2029
Update certificates that expire on 2021, to prolong their validity,
to make tests pass three years ahead.
2019-07-10 17:23:06 +03:00
Paul Bakker 400ff6f0fd - Corrected parsing of UTCTime dates before 1990 and after 1950
- Support more exotic OID's when parsing certificates
 - Support more exotic name representations when parsing certificates
 - Replaced the expired test certificates
2011-02-20 10:40:16 +00:00
Paul Bakker 4d6b31a999 - Added extra certificates and tests 2009-07-12 11:11:06 +00:00