php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #68234 The provided self-signed certificate for testing bug #65729 has expired
Submitted: 2014-10-15 12:55 UTC Modified: 2014-10-15 13:40 UTC
From: gm dot outside+php at gmail dot com Assigned: tyrael (profile)
Status: Closed Package: Testing related
PHP Version: 5.6.1 OS: Linux
Private report: No CVE-ID: None
 [2014-10-15 12:55 UTC] gm dot outside+php at gmail dot com
Description:
------------
One of the tests for the ext/openssl extension (the test is for bug #65729) uses a self-signed certificate.  That certificate was generated with the OpenSSL default validity period of 365 days and is now expired:
===
/php-5.6.1/ext/openssl/tests $ openssl x509 -text < bug65729.pem | fgrep Issuer -A 4
        Issuer: C=SG, ST=Testville, O=datibbaw, CN=*.test.com
        Validity
            Not Before: Sep 21 07:52:24 2013 GMT
            Not After : Sep 21 07:52:24 2014 GMT
        Subject: C=SG, ST=Testville, O=datibbaw, CN=*.test.com
===

This renders the corresponding test useless since the validation of the certificate fails due to certificate's expiration.

Since it's a dummy self-signed certificate it would be advisable to set the validity period much much greater, say ten or 25 years.

Right now, PHP 5.6.1 cannot possibly pass its test suite until the certificate is regenerated.


Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2014-10-15 13:07 UTC] gm dot outside+php at gmail dot com
The self-signed certificate can be regenerated with the following OpenSSL commands:
===
openssl genrsa -des3 -out server.key.enc 1024
openssl rsa < server.key.enc > server.key
openssl req -new -key server.key -out server.csr
# All fields can be left at defaults, except "Common Name", which should be *.test.com
openssl x509 -req -days 9131 -in server.csr -signkey server.key -out server.crt
# That's right :) 25 years
cat server.crt server.key > bug65729.pem
===

Then, just replace the certificate in the test suite (at ext/openssl/tests/bug65729.pem) with the newly generated one.  Test should pass now.
 [2014-10-15 13:14 UTC] datibbaw@php.net
Automatic comment on behalf of datibbaw
Revision: http://git.php.net/?p=php-src.git;a=commit;h=836a5dfddbe36e6171f29c0548af1c06c7fce6b1
Log: Fixed bug #68234
 [2014-10-15 13:14 UTC] datibbaw@php.net
-Status: Open +Status: Closed
 [2014-10-15 13:40 UTC] tyrael@php.net
-Assigned To: +Assigned To: tyrael
 [2014-10-15 13:40 UTC] tyrael@php.net
for the record, this was already fixed in the PHP-5.6 branch:
http://git.php.net/?p=php-src.git;a=commit;h=d27f3e7b647892630583cb0091e96deb1f04411b
 [2014-10-16 11:58 UTC] ab@php.net
Automatic comment on behalf of datibbaw
Revision: http://git.php.net/?p=php-src.git;a=commit;h=836a5dfddbe36e6171f29c0548af1c06c7fce6b1
Log: Fixed bug #68234
 
PHP Copyright © 2001-2020 The PHP Group
All rights reserved.
Last updated: Fri Oct 30 02:01:24 2020 UTC