[PHP-QA] Bug #68234 [Opn->Csd]: The provided self-signed certificate for testing bug #65729 has expired

Wed, 15 Oct 2014 06:15:08 -0700 

Edit report at https://bugs.php.net/bug.php?id=68234&edit=1

 ID:                 68234
 Updated by:         datib...@php.net
 Reported by:        gm dot outside+php at gmail dot com
 Summary:            The provided self-signed certificate for testing bug
                     #65729 has expired
-Status:             Open
+Status:             Closed
 Type:               Bug
 Package:            Testing related
 Operating System:   Linux
 PHP Version:        5.6.1
 Block user comment: N
 Private report:     N

 New Comment:

Automatic comment on behalf of datibbaw
Revision: 
http://git.php.net/?p=php-src.git;a=commit;h=836a5dfddbe36e6171f29c0548af1c06c7fce6b1
Log: Fixed bug #68234


Previous Comments:
------------------------------------------------------------------------
[2014-10-15 13:07:55] gm dot outside+php at gmail dot com

The self-signed certificate can be regenerated with the following OpenSSL 
commands:
===
openssl genrsa -des3 -out server.key.enc 1024
openssl rsa < server.key.enc > server.key
openssl req -new -key server.key -out server.csr
# All fields can be left at defaults, except "Common Name", which should be 
*.test.com
openssl x509 -req -days 9131 -in server.csr -signkey server.key -out server.crt
# That's right :) 25 years
cat server.crt server.key > bug65729.pem
===

Then, just replace the certificate in the test suite (at 
ext/openssl/tests/bug65729.pem) with the newly generated one.  Test should pass 
now.

------------------------------------------------------------------------
[2014-10-15 12:55:14] gm dot outside+php at gmail dot com

Description:
------------
One of the tests for the ext/openssl extension (the test is for bug #65729) 
uses a self-signed certificate.  That certificate was generated with the 
OpenSSL default validity period of 365 days and is now expired:
===
/php-5.6.1/ext/openssl/tests $ openssl x509 -text < bug65729.pem | fgrep Issuer 
-A 4
        Issuer: C=SG, ST=Testville, O=datibbaw, CN=*.test.com
        Validity
            Not Before: Sep 21 07:52:24 2013 GMT
            Not After : Sep 21 07:52:24 2014 GMT
        Subject: C=SG, ST=Testville, O=datibbaw, CN=*.test.com
===

This renders the corresponding test useless since the validation of the 
certificate fails due to certificate's expiration.

Since it's a dummy self-signed certificate it would be advisable to set the 
validity period much much greater, say ten or 25 years.

Right now, PHP 5.6.1 cannot possibly pass its test suite until the certificate 
is regenerated.



------------------------------------------------------------------------



--
Edit this bug report at https://bugs.php.net/bug.php?id=68234&edit=1

-- 
PHP Quality Assurance Mailing List <http://www.php.net/>
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to