diff options
author | Kazuki Yamaguchi <k@rhe.jp> | 2021-03-21 00:23:31 +0900 |
---|---|---|
committer | Kazuki Yamaguchi <k@rhe.jp> | 2021-10-22 17:16:07 +0900 |
commit | 558cfbe5f5032d669e1eca4d94e9ebc9cfe1402d (patch) | |
tree | 43ad884c976ec8ea17a90af28744d0c0691f21d4 | |
parent | 998406d18f2acf73090e9fd9d92a7b4227ac593b (diff) | |
download | ruby-openssl-558cfbe5f5032d669e1eca4d94e9ebc9cfe1402d.tar.gz |
test/openssl/test_ssl: fix illegal SAN extension
A certificate can only have one SubjectAltName extension. OpenSSL 3.0
performs a stricter validation and certificates containing multiple SANs
will be rejected.
-rw-r--r-- | test/openssl/test_ssl.rb | 3 |
1 files changed, 1 insertions, 2 deletions
diff --git a/test/openssl/test_ssl.rb b/test/openssl/test_ssl.rb index a93668d9..6412250c 100644 --- a/test/openssl/test_ssl.rb +++ b/test/openssl/test_ssl.rb @@ -593,8 +593,7 @@ class OpenSSL::TestSSL < OpenSSL::SSLTestCase exts = [ ["keyUsage","keyEncipherment,digitalSignature",true], - ["subjectAltName","DNS:localhost.localdomain",false], - ["subjectAltName","IP:127.0.0.1",false], + ["subjectAltName","DNS:localhost.localdomain,IP:127.0.0.1",false], ] @svr_cert = issue_cert(@svr, @svr_key, 4, exts, @ca_cert, @ca_key) start_server { |port| |