Skip to content

Commit

Permalink
Merge pull request #6507 from bandi13/fix_certs_ocsp_renewcerts
Browse files Browse the repository at this point in the history 
Fix certs ocsp renewcerts
  • Loading branch information
@dgarske
dgarske authored Jun 21, 2023
2 parents 9204101 + 76cf3d6 commit 1bff338
Showing 1 changed file with 2 additions and 1 deletion.
3 changes: 2 additions & 1 deletion certs/ocsp/renewcerts.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -80,10 +80,10 @@ update_cert server3 "www3.wolfssl.com" intermediate2-ca
update_cert server4 "www4.wolfssl.com" intermediate2-ca v3_req2 08 # REVOKED
update_cert server5 "www5.wolfssl.com" intermediate3-ca v3_req3 09


# Create response DER buffer for test
openssl ocsp -port 22221 -ndays 1000 -index index-ca-and-intermediate-cas.txt -rsigner ocsp-responder-cert.pem -rkey ocsp-responder-key.pem -CA root-ca-cert.pem -partial_chain &
PID=$!
sleep 1 # Make sure server is ready

openssl ocsp -issuer ./root-ca-cert.pem -cert ./intermediate1-ca-cert.pem -url http://localhost:22221/ -respout test-response.der -noverify
openssl ocsp -issuer ./root-ca-cert.pem -cert ./intermediate1-ca-cert.pem -url http://localhost:22221/ -respout test-response-nointern.der -no_intern -noverify
Expand All @@ -95,6 +95,7 @@ wait $PID
# now start up a responder that signs using rsa-pss
openssl ocsp -port 22221 -ndays 1000 -index index-ca-and-intermediate-cas.txt -rsigner ocsp-responder-cert.pem -rkey ocsp-responder-key.pem -CA root-ca-cert.pem -rsigopt rsa_padding_mode:pss &
PID=$!
sleep 1 # Make sure server is ready

openssl ocsp -issuer ./root-ca-cert.pem -cert ./intermediate1-ca-cert.pem -url http://localhost:22221/ -respout test-response-rsapss.der -noverify
# can verify with the following command
Expand Down

0 comments on commit 1bff338

Please sign in to comment.