Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix: Resolve test failure - Refresh server.crt with existing key extending expiry to Nov 21 03:28:10 2034 GMT #1003

Open
wants to merge 1 commit into
base: master
Choose a base branch
from

Conversation

BaileyFirman
Copy link

Cert used for testing has expired, used openssl to refresh with extended expiry 10 years into the future

// Create new cert
openssl x509 -in server.crt -signkey server.key -days 3650 -out new_server.crt

// Verify
openssl x509 -in new_server.crt -text -noout

// Finally replace
mv new_server.crt server.crt
// Content of new cert
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            89:4e:6b:34:a9:c2:19:80
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, ST=Indiana, O=node-express-session, CN=express-session.local
        Validity
            Not Before: Nov 21 03:28:10 2024 GMT
            Not After : Nov 19 03:28:10 2034 GMT
        Subject: C=US, ST=Indiana, O=node-express-session, CN=express-session.local
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (1024 bit)
                Modulus:
                    00:d8:1b:7f:7c:ce:a3:7a:62:ff:c5:03:1e:fb:7a:
                    82:cb:8d:ee:15:34:26:03:5d:47:22:58:1c:dc:79:
                    a6:79:bb:fa:ed:3f:f5:ec:85:34:16:0c:a1:5f:51:
                    b6:ff:92:69:e2:0d:ac:ec:09:ab:12:a0:db:14:0a:
                    b7:2a:40:f2:45:d6:31:77:17:d5:e3:b1:9c:5c:82:
                    00:da:6f:c3:00:6c:03:21:9e:12:5a:c7:69:77:c8:
                    f2:6c:5a:70:7f:f2:6a:d8:71:db:1d:40:d3:d7:27:
                    14:16:f4:c3:19:81:4c:73:ef:78:08:63:9f:eb:11:
                    e6:b2:53:da:30:81:c9:d5:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EA:5F:27:09:C1:16:E8:4E:19:34:B8:1D:C2:77:7F:A8:48:BC:F5:7E
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        93:fc:4d:6b:64:6c:5e:99:96:79:17:ca:97:f5:2a:13:b1:cd:
        38:10:b1:30:4f:73:f0:03:47:20:53:97:c6:99:69:9a:8c:f7:
        e3:c3:7d:fd:cb:9d:c4:40:06:ff:1f:fb:0c:86:e8:12:ad:e2:
        8c:2d:54:80:1d:18:4c:34:65:db:f9:d4:74:33:32:62:47:81:
        9b:29:1b:d8:c8:7b:a5:e3:38:d6:7a:7f:6e:42:b0:c7:76:0b:
        2a:0f:84:67:51:ca:bc:ec:70:7e:8b:8f:68:14:b3:79:f6:aa:
        08:f4:c3:a8:38:a0:5f:00:a1:8a:95:77:7e:20:bf:7e:8f:24:
        7f:8c

Copy link
Member

@UlisesGascon UlisesGascon left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM! Thanks @BaileyFirman for this pr!

@ctcpip ctcpip changed the title fix: Resolve test failure - Refresh server.crt with existing key extending expiry to Nov 21 03:28:10 2024 GMT fix: Resolve test failure - Refresh server.crt with existing key extending expiry to Nov 21 03:28:10 2034 GMT Dec 20, 2024
Copy link
Member

@ctcpip ctcpip left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I know it doesn't matter for testing, but can we use at least 2048 bits?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants