projects / openssl.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Enable setting SSL_CERT_FLAG_TLS_STRICT with ssl config
[openssl.git] / test / certs / setup.sh
diff --git a/test/certs/setup.sh b/test/certs/setup.sh
index 21f9355b8ba33f83c9c365b9c720d226f2fc806b..2a505c58959af7d95b2263e510c1690367289286 100755 (executable)
--- a/test/certs/setup.sh
+++ b/test/certs/setup.sh
@@ -413,6 +413,12 @@ openssl req -new -noenc -subj "/CN=localhost" \
     ./mkcert.sh geneenocsr "Server RSA-PSS restricted cert" \
     server-pss-restrict-cert rootkey rootcert
 
+openssl req -new -noenc -subj "/CN=Client-RSA-PSS" \
+    -newkey rsa-pss -keyout client-pss-restrict-key.pem \
+    -pkeyopt rsa_pss_keygen_md:sha256 -pkeyopt rsa_pss_keygen_saltlen:32 | \
+    ./mkcert.sh geneenocsr -p clientAuth "Client RSA-PSS restricted cert" \
+    client-pss-restrict-cert rootkey rootcert
+
 # CT entry
 ./mkcert.sh genct server.example embeddedSCTs1-key embeddedSCTs1 embeddedSCTs1_issuer-key embeddedSCTs1_issuer ct-server-key
 
Unnamed repository; edit this file 'description' to name the repository.