upstream/mercurial-mirror Files · tests/sslcerts/README

util: make new timedcmstats class Python 3 compatible

Gregory Szorc - - Load All Authors

File last commit:

r29579:43f3c0df default


                r38848:9d49bb11

default

Download file

             README
        
                    45 lines
            
             | 1.8 KiB
            
                | text/plain
            
             |
                TextLexer

/ tests / sslcerts / README

History | Source | Raw |Copy content |Copy permalink

Gregory Szorc tests: regenerate x509 test certificates...	r29526	Generate a private key (priv.pem):

		$ openssl genrsa -out priv.pem 2048

		Generate 2 self-signed certificates from this key (pub.pem, pub-other.pem):

Gregory Szorc tests: update test certificate generation instructions...	r29579	$ openssl req -new -x509 -key priv.pem -nodes -sha256 -days 9000 \
		-out pub.pem -batch -subj '/CN=localhost/emailAddress=hg@localhost/'
		$ openssl req -new -x509 -key priv.pem -nodes -sha256 -days 9000 \
		-out pub-other.pem -batch -subj '/CN=localhost/emailAddress=hg@localhost/'
Yuya Nishihara tests: extract SSL certificates from test-https.t...	r29331
Gregory Szorc tests: regenerate x509 test certificates...	r29526	Now generate an expired certificate by turning back the system time:

Gregory Szorc tests: update test certificate generation instructions...	r29579	$ faketime 2016-01-01T00:00:00Z \
		openssl req -new -x509 -key priv.pem -nodes -sha256 -days 1 \
		-out pub-expired.pem -batch -subj '/CN=localhost/emailAddress=hg@localhost/'
Yuya Nishihara tests: extract SSL certificates from test-https.t...	r29331
Gregory Szorc tests: regenerate x509 test certificates...	r29526	Generate a certificate not yet active by advancing the system time:

Gregory Szorc tests: update test certificate generation instructions...	r29579	$ faketime 2030-01-1T00:00:00Z \
		openssl req -new -x509 -key priv.pem -nodes -sha256 -days 1 \
		-out pub-not-yet.pem -batch -subj '/CN=localhost/emailAddress=hg@localhost/'
Gregory Szorc tests: regenerate x509 test certificates...	r29526
		Generate a passphrase protected client certificate private key:

		$ openssl genrsa -aes256 -passout pass:1234 -out client-key.pem 2048

		Create a copy of the private key without a passphrase:

		$ openssl rsa -in client-key.pem -passin pass:1234 -out client-key-decrypted.pem
Yuya Nishihara tests: extract SSL certificates from test-https.t...	r29331
Gregory Szorc tests: regenerate x509 test certificates...	r29526	Create a CSR and sign the key using the server keypair:

		$ printf '.\n.\n.\n.\n.\n.\nhg-client@localhost\n.\n.\n' \| \
		openssl req -new -key client-key.pem -passin pass:1234 -out client-csr.pem
		$ openssl x509 -req -days 9000 -in client-csr.pem -CA pub.pem -CAkey priv.pem \
		-set_serial 01 -out client-cert.pem
Yuya Nishihara tests: extract SSL certificates from test-https.t...	r29331
Gregory Szorc tests: regenerate x509 test certificates...	r29526	When replacing the certificates, references to certificate fingerprints will
		need to be updated in test files.

		Fingerprints for certs can be obtained by running:

		$ openssl x509 -in pub.pem -noout -sha1 -fingerprint
		$ openssl x509 -in pub.pem -noout -sha256 -fingerprint

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
g 0-9	Goto bookmarked items from 0-9
n r	New repository page
n g	New gist page

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages