1 files changed, 4 insertions, 10 deletions

diff --git a/scripts/testroot.sh b/scripts/testroot.sh
index 320ee461..d06737ea 100644
--- a/scripts/testroot.sh
+++ b/scripts/testroot.sh
@@ -31,7 +31,7 @@ python rpkid.py & rpkid=$!
 
 python irbe-cli.py self --action create
 
-# Create a business signing context for parent, issue the necessary business cert, and set up the cert chain
+# Create a business signing context, issue the necessary business cert, and set up the cert chain
 
 python irbe-cli.py --pem_out bsc.req bsc --action create --self_id 1 --generate_keypair --signing_cert biz-certs/Bob-CA.cer
 $openssl x509 -req -in bsc.req -out bsc.cer -CA biz-certs/Bob-CA.cer -CAkey biz-certs/Bob-CA.key -CAserial biz-certs/Bob-CA.srl
@@ -50,16 +50,10 @@ python irbe-cli.py parent --self_id 1 --action create --bsc_id 1 --repository_id
     --https_ta biz-certs/Elena-Root.cer \
     --sia_base rsync://wombat.invalid/
 
-# Create a business signing context for child, issue the necessary business cert, and set up the cert chain
+# Create a child context -- note that we're using the -CA as trust anchor rather than -Root,
+# because the APNIC poke tool doesn't offer any way to construct CMS chains
 
-python irbe-cli.py --pem_out bsc.req bsc --action create --self_id 1 --generate_keypair --signing_cert biz-certs/Frank-CA.cer
-$openssl x509 -req -in bsc.req -out bsc.cer -CA biz-certs/Frank-CA.cer -CAkey biz-certs/Frank-CA.key -CAserial biz-certs/Frank-CA.srl
-python irbe-cli.py bsc --action set --self_id 1 --bsc_id 2 --signing_cert bsc.cer
-rm -f bsc.req bsc.cer
-
-# Create a child context
-
-python irbe-cli.py child --self_id 1 --action create --bsc_id 2 --cms_ta biz-certs/Ginny-Root.cer
+python irbe-cli.py child --self_id 1 --action create --bsc_id 1 --cms_ta biz-certs/Frank-CA.cer
 
 # Shut down rpkid