Skip to content

Commit

Permalink
test: enable to work pkcs12 test in FIPS mode
Browse files Browse the repository at this point in the history
The pfx file created by pkcs12 command of openssl causes an error in
FIPS mode because its certificate is encrypted with RC2 by default.
Adding `-descert` option resolves the error.

Fix: #5144
Fix: #5109
PR-URL: #5150
Reviewed-By: Rich Trott <[email protected]>
Shigeki Ohtsu authored and rvagg committed Feb 9, 2016
1 parent e439066 commit 9dcc45e
Showing 3 changed files with 1 addition and 5 deletions.
1 change: 1 addition & 0 deletions test/fixtures/keys/Makefile
Original file line number Diff line number Diff line change
@@ -81,6 +81,7 @@ agent1-cert.pem: agent1-csr.pem ca1-cert.pem ca1-key.pem

agent1-pfx.pem: agent1-cert.pem agent1-key.pem ca1-cert.pem
openssl pkcs12 -export \
-descert \
-in agent1-cert.pem \
-inkey agent1-key.pem \
-certfile ca1-cert.pem \
Binary file modified test/fixtures/keys/agent1-pfx.pem
Binary file not shown.
5 changes: 0 additions & 5 deletions test/parallel/test-tls-pfx-gh-5100-regr.js
Original file line number Diff line number Diff line change
@@ -7,11 +7,6 @@ if (!common.hasCrypto) {
return;
}

if (common.hasFipsCrypto) {
console.log('1..0 # Skipped: PFX does not work in FIPS mode');
return;
}

const assert = require('assert');
const tls = require('tls');
const fs = require('fs');

0 comments on commit 9dcc45e

Please sign in to comment.