I considered generating the certificate but I am wary of draining the system entropy. I don't know how much entropy generating an SSL certificate requires but the testsuite doesn't need a high quality certificate and it should avoid using entropy if possible. So I embedded a pre-generated certificate in the script.
Ben Reser <b...@reser.org> writes: > Neon's test suite has some logic in it to generate certificates. We > should probably do something similar for this. > > Side note: If someone implements it just please don't do what neon > does and depend on the Gnu specific flag '-d' to the date command to > figure out the right timestamp to set on the cert(s). I believe date > -v is much more portable (though I haven't gotten around to checking > more than OS X and Linux). > > On Mon, Aug 13, 2012 at 6:27 AM, Philip Martin > <philip.mar...@wandisco.com> wrote: >> My mistake. In my case the certificate embedded in davautocheck.sh has >> expired: >> >> W: Error validating server certificate for 'https://localhost:13864': >> W: - The certificate is not issued by a trusted authority. Use the >> W: fingerprint to validate the certificate manually! >> W: - The certificate has expired. >> >> If I update the script to use an in-date certificate the tests PASS over >> SSL. > -- Certified & Supported Apache Subversion Downloads: http://www.wandisco.com/subversion/download
