diff options
| author | Rob Austein <sra@hactrn.net> | 2007-11-06 18:44:52 +0000 |
|---|---|---|
| committer | Rob Austein <sra@hactrn.net> | 2007-11-06 18:44:52 +0000 |
| commit | 1b9b0d3b35fc13af925b72b21a35f1a608737a94 (patch) | |
| tree | 72d5b70cc5a189bb43d4d5b830dc442481f91973 | |
| parent | d9c05fedd31c8d97f0ea616600f3cd61c6655c77 (diff) | |
Checkpoint
svn path=/scripts/testpoke.yaml; revision=1247
| -rw-r--r-- | scripts/testpoke.yaml | 8 | ||||
| -rw-r--r-- | scripts/testroot.sh | 14 |
2 files changed, 8 insertions, 14 deletions
diff --git a/scripts/testpoke.yaml b/scripts/testpoke.yaml index a57b78a6..b0635740 100644 --- a/scripts/testpoke.yaml +++ b/scripts/testpoke.yaml @@ -6,12 +6,12 @@ posturl: https://localhost:4433/up-down/1 recipient-id: wombat sender-id: bandicoot -cms-cert-file: biz-certs/Elena-EE.cer -cms-key-file: biz-certs/Elena-EE.key +cms-cert-file: biz-certs/Frank-EE.cer +cms-key-file: biz-certs/Frank-EE.key cms-ca-cert-file: biz-certs/Bob-Root.cer -#ssl-cert-file: biz-certs/Elena-EE.cer -#ssl-key-file: biz-certs/Elena-EE.key +#ssl-cert-file: biz-certs/Frank-EE.cer +#ssl-key-file: biz-certs/Frank-EE.key ssl-ca-cert-file: biz-certs/Bob-Root.cer requests: diff --git a/scripts/testroot.sh b/scripts/testroot.sh index 320ee461..d06737ea 100644 --- a/scripts/testroot.sh +++ b/scripts/testroot.sh @@ -31,7 +31,7 @@ python rpkid.py & rpkid=$! python irbe-cli.py self --action create -# Create a business signing context for parent, issue the necessary business cert, and set up the cert chain +# Create a business signing context, issue the necessary business cert, and set up the cert chain python irbe-cli.py --pem_out bsc.req bsc --action create --self_id 1 --generate_keypair --signing_cert biz-certs/Bob-CA.cer $openssl x509 -req -in bsc.req -out bsc.cer -CA biz-certs/Bob-CA.cer -CAkey biz-certs/Bob-CA.key -CAserial biz-certs/Bob-CA.srl @@ -50,16 +50,10 @@ python irbe-cli.py parent --self_id 1 --action create --bsc_id 1 --repository_id --https_ta biz-certs/Elena-Root.cer \ --sia_base rsync://wombat.invalid/ -# Create a business signing context for child, issue the necessary business cert, and set up the cert chain +# Create a child context -- note that we're using the -CA as trust anchor rather than -Root, +# because the APNIC poke tool doesn't offer any way to construct CMS chains -python irbe-cli.py --pem_out bsc.req bsc --action create --self_id 1 --generate_keypair --signing_cert biz-certs/Frank-CA.cer -$openssl x509 -req -in bsc.req -out bsc.cer -CA biz-certs/Frank-CA.cer -CAkey biz-certs/Frank-CA.key -CAserial biz-certs/Frank-CA.srl -python irbe-cli.py bsc --action set --self_id 1 --bsc_id 2 --signing_cert bsc.cer -rm -f bsc.req bsc.cer - -# Create a child context - -python irbe-cli.py child --self_id 1 --action create --bsc_id 2 --cms_ta biz-certs/Ginny-Root.cer +python irbe-cli.py child --self_id 1 --action create --bsc_id 1 --cms_ta biz-certs/Frank-CA.cer # Shut down rpkid |