Increase test CA key sizes from 512 to 1024 to handle TLS1.2 digest sizes.

[exim.git] / test / aux-fixed / exim-ca / genall

diff --git a/test/aux-fixed/exim-ca/genall b/test/aux-fixed/exim-ca/genall
index 63a3618eef71af6b7eecfe892a1584c6323600cb..90ebe11955b8d7a5ab9958e64cfe474e3a450c4b 100755 (executable)
--- a/test/aux-fixed/exim-ca/genall
+++ b/test/aux-fixed/exim-ca/genall
@@ -7,7 +7,7 @@ echo hit return when ready
 read junk
 for tld in com org net
 do
-    clica -D example.$tld -p password -B 512 -I -N example.$tld -F -C http://crl.example.$tld/latest.crl -O http://oscp/example.$tld/
+    clica -D example.$tld -p password -B 1024 -I -N example.$tld -F -C http://crl.example.$tld/latest.crl -O http://oscp/example.$tld/
     clica -D example.$tld -p password -s 101 -S server1.example.$tld
     clica -D example.$tld -p password -s 102 -S revoked1.example.$tld
     clica -D example.$tld -p password -s 103 -S expired1.example.$tld -m 1
@@ -58,7 +58,8 @@ done
 # and loop again to generate unlocked keys and client cert bundles
 for tld in com org net
 do
-    for server in server1 revoked1 expired1 server2 revoked2 expired2 do
+    for server in server1 revoked1 expired1 server2 revoked2 expired2
+    do
        SDIR=example.$tld/$server.example.$tld
        SPFX=$SDIR/$server.example.$tld
        openssl rsa -in $SPFX.key -passin file:$SDIR/pwdfile -out $SPFX.unlocked.key
@@ -98,4 +99,7 @@ do
     openssl crl -in $CADIR/crl.v2 -inform der -out $CADIR/crl.v2.pem
 done
 
+find example.* -type d -print0 | xargs -0 chmod 755
+find example.* -type f -print0 | xargs -0 chmod 644
+
 echo "CA, Certificate, CRL and OSCP Response generation complete"