[prev in list] [next in list] [prev in thread] [next in thread] 

List:       php-qa
Subject:    [PHP-QA] Bug #68234 [Csd]: The provided self-signed certificate for testing bug #65729 has expired
From:       tyrael () php ! net
Date:       2014-10-15 13:40:28
Message-ID: 201410151340.s9FDeS2J024500 () sgrv20 ! php ! net
[Download RAW message or body]

Edit report at https://bugs.php.net/bug.php?id=68234&edit=1

 ID:                 68234
 Updated by:         tyrael@php.net
 Reported by:        gm dot outside+php at gmail dot com
 Summary:            The provided self-signed certificate for testing bug
                     #65729 has expired
 Status:             Closed
 Type:               Bug
 Package:            Testing related
 Operating System:   Linux
 PHP Version:        5.6.1
-Assigned To:        
+Assigned To:        tyrael
 Block user comment: N
 Private report:     N

 New Comment:

for the record, this was already fixed in the PHP-5.6 branch:
http://git.php.net/?p=php-src.git;a=commit;h=d27f3e7b647892630583cb0091e96deb1f04411b


Previous Comments:
------------------------------------------------------------------------
[2014-10-15 13:14:32] datibbaw@php.net

Automatic comment on behalf of datibbaw
Revision: http://git.php.net/?p=php-src.git;a=commit;h=836a5dfddbe36e6171f29c0548af1c06c7fce6b1
                
Log: Fixed bug #68234

------------------------------------------------------------------------
[2014-10-15 13:07:55] gm dot outside+php at gmail dot com

The self-signed certificate can be regenerated with the following OpenSSL commands:
===
openssl genrsa -des3 -out server.key.enc 1024
openssl rsa < server.key.enc > server.key
openssl req -new -key server.key -out server.csr
# All fields can be left at defaults, except "Common Name", which should be \
*.test.com openssl x509 -req -days 9131 -in server.csr -signkey server.key -out \
server.crt # That's right :) 25 years
cat server.crt server.key > bug65729.pem
===

Then, just replace the certificate in the test suite (at \
ext/openssl/tests/bug65729.pem) with the newly generated one.  Test should pass now.

------------------------------------------------------------------------
[2014-10-15 12:55:14] gm dot outside+php at gmail dot com

Description:
------------
One of the tests for the ext/openssl extension (the test is for bug #65729) uses a \
self-signed certificate.  That certificate was generated with the OpenSSL default \
validity period of 365 days and is now expired: ===
/php-5.6.1/ext/openssl/tests $ openssl x509 -text < bug65729.pem | fgrep Issuer -A 4
        Issuer: C=SG, ST=Testville, O=datibbaw, CN=*.test.com
        Validity
            Not Before: Sep 21 07:52:24 2013 GMT
            Not After : Sep 21 07:52:24 2014 GMT
        Subject: C=SG, ST=Testville, O=datibbaw, CN=*.test.com
===

This renders the corresponding test useless since the validation of the certificate \
fails due to certificate's expiration.

Since it's a dummy self-signed certificate it would be advisable to set the validity \
period much much greater, say ten or 25 years.

Right now, PHP 5.6.1 cannot possibly pass its test suite until the certificate is \
regenerated.



------------------------------------------------------------------------



--
Edit this bug report at https://bugs.php.net/bug.php?id=68234&edit=1

-- 
PHP Quality Assurance Mailing List <http://www.php.net/>
To unsubscribe, visit: http://www.php.net/unsub.php


[prev in list] [next in list] [prev in thread] [next in thread]