pgsql: Set fixed dates for test certificates validity - Mailing list pgsql-committers

Set fixed dates for test certificates validity

Rather than specifying a validity of 10 000 days into the future
during test certificate generation, this hardcodes the notBefore
and notAfter attributes to known values. This will allow writing
tests on the validity of the certificates without knowing when a
specific certificate was regenerated.

This is done as a prerequisite for an upcoming patch which adds
notBefore and notAfter to pg_stat_ssl and sslinfo.

Discussion: https://postgr.es/m/EE288A58-947E-479A-9D99-C46C273D7A23@yesql.se

Branch
------
master

Details
-------
https://git.postgresql.org/pg/commitdiff/40fad96530caf190a3babf322ca705e744c393bb

Modified Files
--------------
src/test/ssl/conf/cas.config                       |  5 +-
src/test/ssl/ssl/both-cas-1.crt                    | 70 ++++++++++++----------
src/test/ssl/ssl/both-cas-2.crt                    | 70 ++++++++++++----------
src/test/ssl/ssl/client+client_ca.crt              | 65 ++++++++++----------
src/test/ssl/ssl/client-crldir/9bb9e3c3.r0         | 20 +++----
src/test/ssl/ssl/client-dn.crt                     | 32 +++++-----
src/test/ssl/ssl/client-long.crt                   | 34 +++++------
src/test/ssl/ssl/client-revoked-utf8.crt           | 30 +++++-----
src/test/ssl/ssl/client-revoked.crt                | 30 +++++-----
src/test/ssl/ssl/client.crl                        | 20 +++----
src/test/ssl/ssl/client.crt                        | 30 +++++-----
src/test/ssl/ssl/client_ca.crt                     | 35 ++++++-----
src/test/ssl/ssl/client_ext.crt                    | 33 +++++-----
src/test/ssl/ssl/root+client-crldir/9bb9e3c3.r0    | 20 +++----
src/test/ssl/ssl/root+client.crl                   | 20 +++----
src/test/ssl/ssl/root+client_ca.crt                | 35 ++++++-----
src/test/ssl/ssl/root+server-crldir/a836cc2d.r0    | 18 +++---
src/test/ssl/ssl/root+server.crl                   | 18 +++---
src/test/ssl/ssl/root+server_ca.crt                | 35 ++++++-----
src/test/ssl/ssl/server-cn-and-alt-names.crt       | 36 +++++------
src/test/ssl/ssl/server-cn-and-ip-alt-names.crt    | 35 +++++------
src/test/ssl/ssl/server-cn-only+server_ca.crt      | 67 +++++++++++----------
src/test/ssl/ssl/server-cn-only.crt                | 32 +++++-----
src/test/ssl/ssl/server-crldir/a836cc2d.r0         | 18 +++---
src/test/ssl/ssl/server-ip-alt-names.crt           | 33 +++++-----
src/test/ssl/ssl/server-ip-cn-and-alt-names.crt    | 34 ++++++-----
.../ssl/ssl/server-ip-cn-and-dns-alt-names.crt     | 35 +++++------
src/test/ssl/ssl/server-ip-cn-only.crt             | 30 +++++-----
src/test/ssl/ssl/server-ip-in-dnsname.crt          | 32 +++++-----
src/test/ssl/ssl/server-multiple-alt-names.crt     | 36 +++++------
src/test/ssl/ssl/server-no-names.crt               | 30 +++++-----
src/test/ssl/ssl/server-revoked.crt                | 32 +++++-----
src/test/ssl/ssl/server-single-alt-name.crt        | 33 +++++-----
src/test/ssl/ssl/server.crl                        | 18 +++---
src/test/ssl/ssl/server_ca.crt                     | 35 ++++++-----
35 files changed, 600 insertions(+), 556 deletions(-)