mbedtls/tests/data_files/test-ca.opensslconf
Manuel Pégourié-Gonnard 7d2a4d873f Add test: DNS names should not match IP addresses
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2020-08-11 10:23:52 +02:00

77 lines
1.6 KiB
Text

[req]
x509_extensions = v3_ca
distinguished_name = req_dn
[req_dn]
countryName = NL
organizationalUnitName = PolarSSL
commonName = PolarSSL Test CA
[v3_ca]
subjectKeyIdentifier=hash
authorityKeyIdentifier=keyid:always,issuer:always
basicConstraints = CA:true
[othername_san]
subjectAltName=otherName:1.3.6.1.5.5.7.8.4;SEQ:hw_module_name
[unsupoported_othername_san]
subjectAltName=otherName:1.2.3.4;UTF8:some other identifier
[dns_alt_names]
subjectAltName=DNS:example.com, DNS:example.net, DNS:*.example.org
[alt_names]
DNS.1=example.com
otherName.1=1.3.6.1.5.5.7.8.4;SEQ:hw_module_name
DNS.2=example.net
DNS.3=*.example.org
[multiple_san]
subjectAltName=@alt_names
[hw_module_name]
hwtype = OID:1.3.6.1.4.1.17.3
hwserial = OCT:123456
[v3_any_policy_ca]
basicConstraints = CA:true
certificatePolicies = 2.5.29.32.0
[v3_any_policy_qualifier_ca]
basicConstraints = CA:true
certificatePolicies = @policy_info
[v3_multi_policy_ca]
basicConstraints = CA:true
certificatePolicies = 1.2.3.4,2.5.29.32.0
[v3_unsupported_policy_ca]
basicConstraints = CA:true
certificatePolicies = 1.2.3.4
[policy_info]
policyIdentifier = 2.5.29.32.0
CPS.1 ="CPS uri string"
[fan_cert]
extendedKeyUsage = 1.3.6.1.4.1.45605.1
[noext_ca]
basicConstraints = CA:true
[test_ca]
database = /dev/null
[crl_ext_idp]
issuingDistributionPoint=critical, @idpdata
[crl_ext_idp_nc]
issuingDistributionPoint=@idpdata
[idpdata]
fullname=URI:http://pki.example.com/
# these IPs are the ascii values for 'abcd' and 'abcd.example.com'
[tricky_ip_san]
subjectAltName=IP:97.98.99.100,IP:6162:6364:2e65:7861:6d70:6c65:2e63:6f6d