Skip to content

Commit

Permalink
test: enable to work pkcs12 test in FIPS mode
Browse files Browse the repository at this point in the history
The pfx file created by pkcs12 command of openssl causes an error in
FIPS mode because its certificate is encrypted with RC2 by default.
Adding `-descert` option resolves the error.

Fix: #5144
Fix: #5109
PR-URL: #5150
Reviewed-By: Rich Trott <[email protected]>
  • Loading branch information
Shigeki Ohtsu authored and rvagg committed Feb 9, 2016
1 parent e439066 commit 9dcc45e
Show file tree
Hide file tree
Showing 3 changed files with 1 addition and 5 deletions.
1 change: 1 addition & 0 deletions test/fixtures/keys/Makefile
Original file line number Diff line number Diff line change
Expand Up @@ -81,6 +81,7 @@ agent1-cert.pem: agent1-csr.pem ca1-cert.pem ca1-key.pem

agent1-pfx.pem: agent1-cert.pem agent1-key.pem ca1-cert.pem
openssl pkcs12 -export \
-descert \
-in agent1-cert.pem \
-inkey agent1-key.pem \
-certfile ca1-cert.pem \
Expand Down
Binary file modified test/fixtures/keys/agent1-pfx.pem
Binary file not shown.
5 changes: 0 additions & 5 deletions test/parallel/test-tls-pfx-gh-5100-regr.js
Original file line number Diff line number Diff line change
Expand Up @@ -7,11 +7,6 @@ if (!common.hasCrypto) {
return;
}

if (common.hasFipsCrypto) {
console.log('1..0 # Skipped: PFX does not work in FIPS mode');
return;
}

const assert = require('assert');
const tls = require('tls');
const fs = require('fs');
Expand Down

0 comments on commit 9dcc45e

Please sign in to comment.