rpms/openssl/devel Makefile.certificate, 1.2, 1.3 openssl.spec, 1.49, 1.50
fedora-cvs-commits at redhat.com
fedora-cvs-commits at redhat.com
Wed Mar 30 10:52:24 UTC 2005
Update of /cvs/dist/rpms/openssl/devel
In directory cvs.devel.redhat.com:/tmp/cvs-serv10869
Modified Files:
Makefile.certificate openssl.spec
Log Message:
- added support for changing serial number to
Makefile.certificate (#151188)
- make ca-bundle.crt a config file (#118903)
Index: Makefile.certificate
===================================================================
RCS file: /cvs/dist/rpms/openssl/devel/Makefile.certificate,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- Makefile.certificate 10 Feb 2005 09:26:39 -0000 1.2
+++ Makefile.certificate 30 Mar 2005 10:52:21 -0000 1.3
@@ -1,4 +1,5 @@
UTF8 := $(shell locale -c LC_CTYPE -k | grep -q charmap.*UTF-8 && echo -utf8)
+SERIAL=0
.PHONY: usage
.SUFFIXES: .key .csr .crt .pem
@@ -19,6 +20,8 @@
@echo "To create a CSR for use with Apache, run \"make certreq\"."
@echo "To create a test certificate for use with Apache, run \"make testcert\"."
@echo
+ @echo "To create a test certificate with serial number other than zero, add SERIAL=num"
+ @echo
@echo Examples:
@echo " make server.key"
@echo " make server.csr"
@@ -27,12 +30,15 @@
@echo " make genkey"
@echo " make certreq"
@echo " make testcert"
+ @echo " make server.crt SERIAL=1"
+ @echo " make stunnel.pem SERIAL=2"
+ @echo " make testcert SERIAL=3"
%.pem:
umask 77 ; \
PEM1=`/bin/mktemp /tmp/openssl.XXXXXX` ; \
PEM2=`/bin/mktemp /tmp/openssl.XXXXXX` ; \
- /usr/bin/openssl req $(UTF8) -newkey rsa:1024 -keyout $$PEM1 -nodes -x509 -days 365 -out $$PEM2 ; \
+ /usr/bin/openssl req $(UTF8) -newkey rsa:1024 -keyout $$PEM1 -nodes -x509 -days 365 -out $$PEM2 -set_serial $(SERIAL) ; \
cat $$PEM1 > $@ ; \
echo "" >> $@ ; \
cat $$PEM2 >> $@ ; \
@@ -48,7 +54,7 @@
%.crt: %.key
umask 77 ; \
- /usr/bin/openssl req $(UTF8) -new -key $^ -x509 -days 365 -out $@
+ /usr/bin/openssl req $(UTF8) -new -key $^ -x509 -days 365 -out $@ -set_serial $(SERIAL)
KEY=/etc/httpd/conf/ssl.key/server.key
CSR=/etc/httpd/conf/ssl.csr/server.csr
@@ -64,4 +70,4 @@
$(CRT): $(KEY)
umask 77 ; \
- /usr/bin/openssl req $(UTF8) -new -key $(KEY) -x509 -days 365 -out $(CRT)
+ /usr/bin/openssl req $(UTF8) -new -key $(KEY) -x509 -days 365 -out $(CRT) -set_serial $(SERIAL)
Index: openssl.spec
===================================================================
RCS file: /cvs/dist/rpms/openssl/devel/openssl.spec,v
retrieving revision 1.49
retrieving revision 1.50
diff -u -r1.49 -r1.50
--- openssl.spec 30 Mar 2005 09:14:37 -0000 1.49
+++ openssl.spec 30 Mar 2005 10:52:21 -0000 1.50
@@ -345,6 +345,7 @@
%{_datadir}/ssl/private
%config(noreplace) %{_datadir}/ssl/openssl.cnf
+%config %{_datadir}/ssl/certs/ca-bundle.crt
%attr(0755,root,root) %{_bindir}/openssl
%attr(0755,root,root) /%{_lib}/*.so.%{version}
@@ -381,11 +382,13 @@
%changelog
* Wed Mar 30 2005 Tomas Mraz <trmaz at redhat.com> 0.9.7f-1
-- reenable optimizations on ppc64
-- enable assembly code on ia64
+- reenable optimizations on ppc64 and assembly code on ia64
- upgrade to new upstream version (no soname bump needed)
- disable thread test - it was testing the backport of the
RSA blinding - no longer needed
+- added support for changing serial number to
+ Makefile.certificate (#151188)
+- make ca-bundle.crt a config file (#118903)
* Tue Mar 1 2005 Tomas Mraz <tmraz at redhat.com> 0.9.7e-3
- libcrypto shouldn't depend on libkrb5 (#135961)
More information about the fedora-cvs-commits
mailing list