qt5base-lts/tests/auto/network/ssl/qsslcertificate/verify-certs
Timur Pocheptsov e7ab17ade1 tst_QSslCertificate::verify - remove QSKIP
And re-generate certificates.

Fixes: QTBUG-95429
Pick-to: 6.2 6.1 5.15 5.12
Change-Id: Id970a0a9315d146d6dd1e66c9cff9b7d75657e2d
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
2021-08-06 16:08:43 +02:00
..
cacert.pem tst_QSslCertificate::verify - remove QSKIP 2021-08-06 16:08:43 +02:00
README tst_QSslCertificate::verify - remove QSKIP 2021-08-06 16:08:43 +02:00
test-addons-mozilla-org-cert.pem Moved network autotests into new directory structure 2011-09-09 09:32:17 +02:00
test-intermediate-ca-cert.pem tst_QSslCertificate::verify - remove QSKIP 2021-08-06 16:08:43 +02:00
test-intermediate-is-ca-cert.pem tst_QSslCertificate::verify - remove QSKIP 2021-08-06 16:08:43 +02:00
test-intermediate-not-ca-cert.pem tst_QSslCertificate::verify - remove QSKIP 2021-08-06 16:08:43 +02:00
test-ocsp-good-cert.pem tst_QSslCertificate::verify - remove QSKIP 2021-08-06 16:08:43 +02:00

openssl verify -CAfile cacert.pem -untrusted test-intermediate-ca-cert.pem test-intermediate-is-ca-cert.pem
openssl verify -CAfile cacert.pem -untrusted test-ocsp-good-cert.pem test-intermediate-not-ca-cert.pem

1. cacert.pem is, obviously, a root CA certificate.
2. test-intermediate-ca-cert.pem is a certificate, signed by the root CA, an intermediate CA.
3. test-intermediate-is-ca-cert.pem is a certificate, signed by test-intermediate-ca-cert.pem.
4. test-ocsp-good-cert.pem is signed by root CA, it has CA:FALSE but keyUsage allowing to sign
   CSRs - this is how OpenSSL would report us 'invalid CA certificate' instead of 'No issuer found'.
5. test-intermediate-not-ca-cert.pem is signed by test-ocsp-good-cert.pem.