1 files changed, 63 insertions, 0 deletions
diff --git a/plugins/tests/certs/generate-certs.sh b/plugins/tests/certs/generate-certs.sh
new file mode 100755
index 00000000..78660a26
--- /dev/null
+++ b/plugins/tests/certs/generate-certs.sh
@@ -0,0 +1,63 @@
+#!/bin/sh -e
+#
+# Recreates the https server certificates
+#
+# Set the GEN_EXPIRED environment variable to also regenerate
+# the expired certificate.
+cd "$(dirname "$0")"
+trap 'rm -f *.csr; rm -f clientca-cert.srl' EXIT
+subj() {
+        c="DE"
+        st="Bavaria"
+        l="Munich"
+        o="Monitoring Plugins"
+        cn="Monitoring Plugins"
+        emailAddress="devel@monitoring-plugins.org"
+        if [ -n "$1" ]; then
+                # Add to CN
+                cn="$cn $1"
+        fi
+        printf "/C=%s/ST=%s/L=%s/O=%s/CN=%s/emailAddress=%s" \
+                "$c" "$st" "$l" "$o" "$cn" "$emailAddress"
+}
+# server
+openssl req -new -x509 -days 3560 -nodes \
+        -keyout server-key.pem -out server-cert.pem \
+        -subj "$(subj)"
+# server, expired
+# there is generally no need to regenerate this, as it will stay epxired
+[ -n "$GEN_EXPIRED" ] && TZ=UTC faketime -f '2008-01-01 12:00:00' \
+        openssl req -new -x509 -days 1 -nodes \
+                -keyout expired-key.pem -out expired-cert.pem \
+                -subj "$(subj)"
+# client, ca
+openssl req -new -x509 -days 3560 -nodes \
+        -keyout clientca-key.pem -out clientca-cert.pem \
+        -subj "$(subj ClientCA)"
+echo "01" >clientca-cert.srl
+# client
+openssl req -new -nodes \
+        -keyout client-key.pem -out client-cert.csr \
+        -subj "$(subj Client)"
+openssl x509 -days 3560 -req -CA clientca-cert.pem -CAkey clientca-key.pem \
+        -in client-cert.csr -out client-cert.pem
+# client, intermediate
+openssl req -new -nodes \
+        -keyout clientintermediate-key.pem -out clientintermediate-cert.csr \
+        -subj "$(subj ClientIntermediate)"
+openssl x509 -days 3560 -req -CA clientca-cert.pem -CAkey clientca-key.pem \
+        -extfile ext.cnf -extensions client_ca \
+        -in clientintermediate-cert.csr -out clientintermediate-cert.pem
+# client, chain
+openssl req -new -nodes \
+        -keyout clientchain-key.pem -out clientchain-cert.csr \
+        -subj "$(subj ClientChain)"
+openssl x509 -days 3560 -req -CA clientca-cert.pem -CAkey clientca-key.pem \
+        -in clientchain-cert.csr -out clientchain-cert.pem
+cat clientintermediate-cert.pem >>clientchain-cert.pem

diff --git a/plugins/tests/certs/generate-certs.sh b/plugins/tests/certs/generate-certs.sh new file mode 100755 index 00000000..78660a26 --- /dev/null +++ b/plugins/tests/certs/generate-certs.sh
@@ -0,0 +1,63 @@
	1	#!/bin/sh -e
	2	#
	3	# Recreates the https server certificates
	4	#
	5	# Set the GEN_EXPIRED environment variable to also regenerate
	6	# the expired certificate.
	7
	8	cd "$(dirname "$0")"
	9	trap 'rm -f *.csr; rm -f clientca-cert.srl' EXIT
	10
	11	subj() {
	12	c="DE"
	13	st="Bavaria"
	14	l="Munich"
	15	o="Monitoring Plugins"
	16	cn="Monitoring Plugins"
	17	emailAddress="devel@monitoring-plugins.org"
	18
	19	if [ -n "$1" ]; then
	20	# Add to CN
	21	cn="$cn $1"
	22	fi
	23
	24	printf "/C=%s/ST=%s/L=%s/O=%s/CN=%s/emailAddress=%s" \
	25	"$c" "$st" "$l" "$o" "$cn" "$emailAddress"
	26	}
	27
	28	# server
	29	openssl req -new -x509 -days 3560 -nodes \
	30	-keyout server-key.pem -out server-cert.pem \
	31	-subj "$(subj)"
	32	# server, expired
	33	# there is generally no need to regenerate this, as it will stay epxired
	34	[ -n "$GEN_EXPIRED" ] && TZ=UTC faketime -f '2008-01-01 12:00:00' \
	35	openssl req -new -x509 -days 1 -nodes \
	36	-keyout expired-key.pem -out expired-cert.pem \
	37	-subj "$(subj)"
	38
	39	# client, ca
	40	openssl req -new -x509 -days 3560 -nodes \
	41	-keyout clientca-key.pem -out clientca-cert.pem \
	42	-subj "$(subj ClientCA)"
	43	echo "01" >clientca-cert.srl
	44	# client
	45	openssl req -new -nodes \
	46	-keyout client-key.pem -out client-cert.csr \
	47	-subj "$(subj Client)"
	48	openssl x509 -days 3560 -req -CA clientca-cert.pem -CAkey clientca-key.pem \
	49	-in client-cert.csr -out client-cert.pem
	50	# client, intermediate
	51	openssl req -new -nodes \
	52	-keyout clientintermediate-key.pem -out clientintermediate-cert.csr \
	53	-subj "$(subj ClientIntermediate)"
	54	openssl x509 -days 3560 -req -CA clientca-cert.pem -CAkey clientca-key.pem \
	55	-extfile ext.cnf -extensions client_ca \
	56	-in clientintermediate-cert.csr -out clientintermediate-cert.pem
	57	# client, chain
	58	openssl req -new -nodes \
	59	-keyout clientchain-key.pem -out clientchain-cert.csr \
	60	-subj "$(subj ClientChain)"
	61	openssl x509 -days 3560 -req -CA clientca-cert.pem -CAkey clientca-key.pem \
	62	-in clientchain-cert.csr -out clientchain-cert.pem
	63	cat clientintermediate-cert.pem >>clientchain-cert.pem