[Spice-devel] [PATCH spice-server] tests/pki: Use CA/certificate valid until 2048 and with 2048 bits
Frediano Ziglio
fziglio at redhat.com
Wed Dec 5 11:27:18 UTC 2018
>
> This changes tests/pki/server-cert.pem and tests/pki/ca-cert.pem to have
> 2048 bits. These certificates were generated using the
> instructions on https://www.spice-space.org/spice-user-manual.html
> The -subj args were omitted, and the defaults suggested by openssl used.
> The -days parameter was changed to -days 10950, the bits to 2048.
>
> This fixes https://gitlab.freedesktop.org/spice/spice/issues/27.
>
> Signed-off-by: Frediano Ziglio <fziglio at redhat.com>
Successful run on CI:
https://gitlab.freedesktop.org/fziglio/spice/pipelines/11136
> ---
> server/tests/pki/ca-cert.pem | 27 ++++++++++++++---------
> server/tests/pki/server-cert.pem | 23 +++++++++++--------
> server/tests/pki/server-key.pem | 38 +++++++++++++++++++++-----------
> 3 files changed, 55 insertions(+), 33 deletions(-)
>
> diff --git a/server/tests/pki/ca-cert.pem b/server/tests/pki/ca-cert.pem
> index caa9312e..2e40da24 100644
> --- a/server/tests/pki/ca-cert.pem
> +++ b/server/tests/pki/ca-cert.pem
> @@ -1,15 +1,20 @@
> -----BEGIN CERTIFICATE-----
> -MIICUjCCAbugAwIBAgIJAKM/WOQQB3iqMA0GCSqGSIb3DQEBCwUAMEIxCzAJBgNV
> +MIIDWjCCAkKgAwIBAgIJAILhGzNuNWQHMA0GCSqGSIb3DQEBCwUAMEIxCzAJBgNV
> BAYTAlhYMRUwEwYDVQQHDAxEZWZhdWx0IENpdHkxHDAaBgNVBAoME0RlZmF1bHQg
> -Q29tcGFueSBMdGQwHhcNMTcwMzIzMTA0MDEwWhcNNDcwMzE2MTA0MDEwWjBCMQsw
> +Q29tcGFueSBMdGQwHhcNMTgxMjA0MTIxNjAzWhcNNDgxMTI2MTIxNjAzWjBCMQsw
> CQYDVQQGEwJYWDEVMBMGA1UEBwwMRGVmYXVsdCBDaXR5MRwwGgYDVQQKDBNEZWZh
> -dWx0IENvbXBhbnkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDZXCWk
> -OuMVr45sAE9a7RM1K2brRdwzjdEqy1OV0dhqymL9YG/iygGp4HqwkLvLqEewq1bD
> -sCcIbRlOidmBv9+uhy2zU9tBzaAptB7Vb6lAAa0PHlUQnQskVcPCwsK7RxwWw0/J
> -pfld8qDAY1t8qM6mSy9Kuyk0X4FOvcuVQKCmiQIDAQABo1AwTjAdBgNVHQ4EFgQU
> -eCFCqTxHPsa+7B0vcCZyxEgCnBwwHwYDVR0jBBgwFoAUeCFCqTxHPsa+7B0vcCZy
> -xEgCnBwwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOBgQBr+TeJqQH+SlAp
> -GcA90SkGnqcEJSijjF9qcgmL0F5Z/yCBDaZa6F3wh/rXNZB2rKfQGW6Mem9KS8cm
> -lui4A1pomMZBWQMwUYP02UF1fHg76RCG7PMhBZR2GkqHqHWfZBfFigdIWKFrm5fq
> -92l4opvf97dSiOF9x1JLPUeoOOJL8A==
> +dWx0IENvbXBhbnkgTHRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
> +8jyIHqDhnkoNNMnC9ACMTgN0nZSJh0F2QQw4vajumoyVQ2wQmAC2BsndvYPhZV3/
> +2pGTl6X4LANUPWqGxp++ZJrzBUFPLIYKe1T7DCPyvoJoI6BKHYb15OrokryylGkO
> +QKgWYbCl3p+2R9KaADYWQdHaMs1VzKuEtZ5dmX9Or3qbU88tDeLvbirVhCxmmt2x
> +F4NF4V1ZKVud5DanPGxtSnNydmTvkaBwPTWYig6EpBp+UlV+cH1P7vbORXnNlT4C
> +x54d1v8qJIxunbYq/je0lgdIDYU/gFZ6t8PoS5iuP0s7aFjOfBCjl41oO3R4gNob
> +VXZQA7kVreiLbc6O9orbKwIDAQABo1MwUTAdBgNVHQ4EFgQUcDtvufvglN3CQ55v
> +3J30/2S7WDMwHwYDVR0jBBgwFoAUcDtvufvglN3CQ55v3J30/2S7WDMwDwYDVR0T
> +AQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAsAFKXWd8gBmp1yybvUUDIPDr
> +t+sPp71KcXkmhTEn8LL2xcYRhvAGgzhYQb/pCCvNU9to7TLlcehSlrfrzV7KwJzk
> +UWlxCd/lmTU/eM0rlxzzO90xV37u0H7BKSqBKQBrvuMEk9H2T+oXg9rkP8dQBQKF
> +BmrU7udE1SO324b5H1Sh3JobvvZ5IUei8nE5yqnGO3Oo8dl/V9LLyFdR+dCaE1jt
> +JrGxLUBfQthPmdI9V+A6oD45v5VS1Lbdg6SAfCuhqlCAZeg89gywy3v9DpKSZ8So
> +szIgdn8akS4vmcLv9qvwcIrf6rg1k11OJLGbGj0ySx30gREGFbVSwHq789LsfA==
> -----END CERTIFICATE-----
> diff --git a/server/tests/pki/server-cert.pem
> b/server/tests/pki/server-cert.pem
> index 4bb20241..5ace4081 100644
> --- a/server/tests/pki/server-cert.pem
> +++ b/server/tests/pki/server-cert.pem
> @@ -1,13 +1,18 @@
> -----BEGIN CERTIFICATE-----
> -MIIB8zCCAVwCAQEwDQYJKoZIhvcNAQELBQAwQjELMAkGA1UEBhMCWFgxFTATBgNV
> +MIIC+DCCAeACAQEwDQYJKoZIhvcNAQELBQAwQjELMAkGA1UEBhMCWFgxFTATBgNV
> BAcMDERlZmF1bHQgQ2l0eTEcMBoGA1UECgwTRGVmYXVsdCBDb21wYW55IEx0ZDAe
> -Fw0xNzAzMjMxMDQwNDVaFw00NzAzMTYxMDQwNDVaMEIxCzAJBgNVBAYTAlhYMRUw
> +Fw0xODEyMDQxMjE2MDlaFw00ODExMjYxMjE2MDlaMEIxCzAJBgNVBAYTAlhYMRUw
> EwYDVQQHDAxEZWZhdWx0IENpdHkxHDAaBgNVBAoME0RlZmF1bHQgQ29tcGFueSBM
> -dGQwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMXDPMZLse8CuEwJKMkvEdmB
> -wK+33T0jOMkUJPt8LseLCjXmYOir2gWrsnP5fgxpwx/Xxb61ivwhAtC2mFcy3xXp
> -RNkDHk3F2XpGwD0Msj9tR9DYidyRz/rN1BRth5ZLm0TvjmwWcBb7qWICIVTLsp6z
> -XuM/erA3E00s7VANBlaPAgMBAAEwDQYJKoZIhvcNAQELBQADgYEA2Om01Qav2OQc
> -ZjIPUmlqSzY96xyT8gzCIOyQikCuJ3Qdem4Qv1c9RxDFxNSrnNINx7Rrtkqp7dM7
> -st+gUqdKc2jvb301TbS+SlDaK1Nre5vB8bPg1cJxUwWX1fDy2igIok0KmM1P7S8M
> -isa/qmobRb4rzvn3blThesqFez9xRhk=
> +dGQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGeaFsglHGN+XLMscC
> +XEgYk10zsVZ2PvMO/cVRd5ykaHUFUknOnoImxnxWhfTKmlkM7W4fZCXulc0oOxpy
> +ycTxsLzePAvlq/lMSTHK44mQWAB5vwZq6fEBMN6op2m09VqJjSc6CNoH+b5lDm+B
> +fx4SvC+ZBSdoRXoonqnNsqcTzp7NkSqD9kJHYFF4I60CdTwXqhNBUqSJ+F1QJoJS
> +K2DAnJUMDwHQfoWHWuuX/SM1adh6NrxXNNQ99TrAwtm3faUF6D3narNfjUVzSMlk
> +FWBOxnZojny8gt4xONp/1VXYRnA17wst2SbxPYaux/NAQVFrb9btIs+31JZe/9iC
> +LrD9AgMBAAEwDQYJKoZIhvcNAQELBQADggEBAGZKPFTKyplFuyn//kM7ZncZKbST
> +zjSoCljAkrOL6bPpgZ4Q2U1HVH5OFtYyH5p6woMY4GKqhq+hy+O6lfGmbiGg+cB0
> +doVH+/Tn6cWuctIu9Afb3JQWnagZMJLiUBBNYkRtFpxHDatRzsuJnzr66d0zne3v
> +reCvRYi/H36H0zY6xtvR6DORSy0EJ1C/PiRXUW+Uag2l0IcHsj6UlJ9gqYk+4bNL
> +u7rJcP11aGcdDcBwv/c08iYIcu3co0hxKMUpgPiz8wAipJSjDsJPYmeJcZyllBPk
> +XvCKpRHS8EhaYQ4lZbChJPR8RDlf9J1z4wY8HMcVKHTQfp9q9XrsbOJ4x/o=
> -----END CERTIFICATE-----
> diff --git a/server/tests/pki/server-key.pem
> b/server/tests/pki/server-key.pem
> index 0851142b..f6a3aa79 100644
> --- a/server/tests/pki/server-key.pem
> +++ b/server/tests/pki/server-key.pem
> @@ -1,15 +1,27 @@
> -----BEGIN RSA PRIVATE KEY-----
> -MIICXAIBAAKBgQDFwzzGS7HvArhMCSjJLxHZgcCvt909IzjJFCT7fC7Hiwo15mDo
> -q9oFq7Jz+X4MacMf18W+tYr8IQLQtphXMt8V6UTZAx5Nxdl6RsA9DLI/bUfQ2Inc
> -kc/6zdQUbYeWS5tE745sFnAW+6liAiFUy7Kes17jP3qwNxNNLO1QDQZWjwIDAQAB
> -AoGACwzjwnjMUnyma6k/XC6DItI7QBZYCGiFbcbwYhUIUCIWyfg7hgTEQ/jaGdzh
> -DDSEsKzP4d4nC/uUOrFZRdYT3P5pXXFOFHkCiiG6IZeoQ0nO1CNBh/t08Wcy9ASt
> -o9wIvAQHvvdp5vKBmkOydFWvnMix5ZOrWiAHVQo1vaUiYYECQQDoPsky1zpc9Ehf
> -8FY5Ayro62sxa0hwCNxdrFPu8d6M/J0iz+n47YhyKISE9498dWXepSe06rd2oMQ8
> -DubEF6xhAkEA2f2LFT1N6m6xQPlVkxmNc5M1RWmShmEiV818kgr7/ywk4VBD0RxT
> -yVwuEier2n92DFLzN7o1wQtqxeQnXwVo7wJAXNMLc6iWiSSR8NaMf8kGU4YUl/H7
> -R9wix8Xi3jQJ8WveGlXjfDzkNkx/eu2/ic0aZDy6fBL8NQvYovCJx4J2wQJAJlCR
> -JJ+M1Vq1XwU0DFHeceT65QNkVKg4ABTHA2hY2IXqyYtxEA0ZkPfZxSkh5Jqopgvi
> -YfYhwpd+IeAzJ1ltEwJBAMmPD9K/RzZKm05AZ20hVgo+BkLRQ5XlWtIuyiB8gFy1
> -OfpkFifKxclsVxT2WTizfZD0vlmlACrdiE4z4Zf/+/0=
> +MIIEpAIBAAKCAQEAxnmhbIJRxjflyzLHAlxIGJNdM7FWdj7zDv3FUXecpGh1BVJJ
> +zp6CJsZ8VoX0yppZDO1uH2Ql7pXNKDsacsnE8bC83jwL5av5TEkxyuOJkFgAeb8G
> +aunxATDeqKdptPVaiY0nOgjaB/m+ZQ5vgX8eErwvmQUnaEV6KJ6pzbKnE86ezZEq
> +g/ZCR2BReCOtAnU8F6oTQVKkifhdUCaCUitgwJyVDA8B0H6Fh1rrl/0jNWnYeja8
> +VzTUPfU6wMLZt32lBeg952qzX41Fc0jJZBVgTsZ2aI58vILeMTjaf9VV2EZwNe8L
> +Ldkm8T2GrsfzQEFRa2/W7SLPt9SWXv/Ygi6w/QIDAQABAoIBAEBJrYvkOnCmMny7
> +GdMd6Qxsz0erLYJnqXs1n/BfehGW9DChEt8mYKoGqMet5Dir/iQ90+m/GrpJM4bQ
> +fiSoTm6q/MJPWNsv9TRMkSBSy4BBwQWuZnnDBRmJptWiRI8k2gqr+gTGUTk8H/vD
> +zUJ41ljjM9ew367aslLt8bp7H7s+JBLi60F9PnnMJ+fZJpdB2trRvzwp0gWN1kEy
> +VQUydSEV1yLT/rFkFcm8gRceTlh2yb3CPbZDMF/CExNahnxFaibKYtXd7J26jHKN
> +TbSPO7Rm6e3AcyLZMxyyC4PcU975Bg22HThZFEYDCYLyZuc4zCHxnWFmtEhEc/Vn
> +AHEaW9ECgYEA4nDLUHt7y6HUUr/TJo5fNJ5Jc/yK+2J/brUmVBiL49j+rvpqfq8A
> +1ozT6Ga6I+PjRhA+CvrjfCG7wUi71rjx1QGThCGUrko7VYG/Un3jus1dem/PR/nq
> +Tt27GTalmwCIjrHxUH6CTv4uOKdd7LlEXNqyqq2UbGShOai0xsOPr2cCgYEA4GJI
> +vohNsuhfjA7K+PdJ3BmRtC5WIUZYthT86//vumn4AURmUJvWc5+q0cC6tPM01HIH
> +BqO/ZFPD7p9GIh9ZbDWsEL5A4r3sLT2vFk3MV9iwiqb0WpZbg9KVuhNOaZ47JKFR
> +YxpaHcLUdcDXvrqz+o/l2ITG5x/FFkMQlRiNMfsCgYEA2R15dEPSIR+bq3QOCyv7
> +kUIr/7Anun1o3keG5p9aki8fk7q7nZhC33TMQkstMvhwlF9Cfditgfn+Qodww6M1
> +DR2jyc9A9hRq68OqJHhcgGIkvR6zyrmPterYWIaTJxnN1bQ8Qwfp/b+tpdikMDQ7
> +niR7pzcj1wJtrBFctDASdwUCgYEAxCUGZA/wo+k/xMYVpic9WHq9hJ1Qy0ucNqcI
> +JSEYpYMGuczaB7MCdxZnE25/h7hmQSPggmxX3VLgHtL6Us/GsrIEVKqLO+o775xR
> +VpTxgQU55iplxl5TZ1uJaRyBWhBosO+XnqMljYiHgtvtfJvmwqxRhsEiwl1iQsCj
> +WUIaA0sCgYAuRXM1HmWzAfCpANJVWyjswr9Zg4KjCC2QSM2XOGaTISyNPyKyQ3Yf
> ++xz41ggx6uss1oyyYTXkZ+mGsJJ3fFZWG3k/w0tZwMhS9RzFd1qJTrMqXy+MeCG1
> +nb2nTEYNih5Yq5A+ZzYWhSZ7qAZP0oFdtb6TaR8ke3SYFpJqZzvD7g==
> -----END RSA PRIVATE KEY-----
More information about the Spice-devel
mailing list