Lose duplicated cert in ocsp response

[exim.git] / test / aux-fixed / exim-ca / genall

diff --git a/test/aux-fixed/exim-ca/genall b/test/aux-fixed/exim-ca/genall
index 6998108b0bff135379b520a11613d13c73b73731..85edfc29c1d82f44746ba6b9d2e6f610bb83680c 100755 (executable)
--- a/test/aux-fixed/exim-ca/genall
+++ b/test/aux-fixed/exim-ca/genall
@@ -10,8 +10,8 @@ V='-v'
 
 clica --help >/dev/null 2>&1
 
-echo Ensure time is set to 2012/11/01 12:34
-echo use -  date -u 110112342012
+echo Ensure time is set to 2019/11/01 12:34
+echo use -  date -u 110112342019
 echo hit return when ready
 read junk
 
@@ -44,7 +44,7 @@ do
     clica $V -D $idir -p password -s 103 -S expired1.$iname -m 1
 
     clica $V -D $idir -p password -s 201 -S  server2.$iname -m 301 \
-       -3 'CN=clica CA rsa,O=example.com' -8 '*.test.ex'
+       -3 "CN=clica CA rsa,O=example.$tld" -8 '*.test.ex'
     clica $V -D $idir -p password -s 202 -S revoked2.$iname -m 301
     clica $V -D $idir -p password -s 203 -S expired2.$iname -m 1
 
@@ -130,12 +130,13 @@ EOF
     for server in server1 revoked1 expired1 server2 revoked2 expired2
     do
        SPFX=$idir/$server.$iname/$server.$iname
-       openssl ocsp -issuer $CADIR/Signer.pem -sha256 -cert $SPFX.pem -no_nonce -reqout $SPFX.ocsp.req
+       openssl ocsp -issuer $CADIR/Signer.pem -cert $SPFX.pem -no_nonce -reqout $SPFX.ocsp.req
        REQIN="-reqin $SPFX.ocsp.req"
 
        # These ones get used by the "traditional" testcases. OCSP resp signed by a cert which is
        # signed by the signer of the leaf-cert being attested to.
        OGENCOMMON="-rsigner $CADIR/OCSP.pem -rkey $CADIR/OCSP.key -CA $CADIR/Signer.pem -noverify"
+
        openssl ocsp $IVALID   $OGENCOMMON -ndays 3652 $REQIN -respout $SPFX.ocsp.good.resp
        openssl ocsp $IVALID   $OGENCOMMON -ndays 30   $REQIN -respout $SPFX.ocsp.dated.resp
        openssl ocsp $IREVOKED $OGENCOMMON -ndays 3652 $REQIN -respout $SPFX.ocsp.revoked.resp