From c26892244c3d77a45347d3865b977d89aa6d22a2 Mon Sep 17 00:00:00 2001
From: "Roger A. Light" <roger@atchoo.org>
Date: Sun, 4 Nov 2018 07:33:09 +0000
Subject: [PATCH] Test x509 generation script requires no interaction now.

---
 test/ssl/gen.sh | 24 ++++++++++++------------
 1 file changed, 12 insertions(+), 12 deletions(-)

diff --git a/test/ssl/gen.sh b/test/ssl/gen.sh
index 7a49631caa..a52159c1e4 100755
--- a/test/ssl/gen.sh
+++ b/test/ssl/gen.sh
@@ -31,42 +31,42 @@ openssl req -new -x509 -days 3650 -key test-fake-root-ca.key -out test-fake-root
 # An intermediate CA, signed by the root CA, used to sign server/client csrs.
 openssl genrsa -out test-signing-ca.key 1024
 openssl req -out test-signing-ca.csr -key test-signing-ca.key -new -config openssl.cnf -subj "${BASESUBJ}/CN=Signing CA/"
-openssl ca -config openssl.cnf -name CA_root -extensions v3_ca -out test-signing-ca.crt -infiles test-signing-ca.csr
+openssl ca -batch -config openssl.cnf -name CA_root -extensions v3_ca -out test-signing-ca.crt -infiles test-signing-ca.csr
 
 # An alternative intermediate CA, signed by the root CA, not used to sign anything.
 openssl genrsa -out test-alt-ca.key 1024
 openssl req -out test-alt-ca.csr -key test-alt-ca.key -new -config openssl.cnf -subj "${BASESUBJ}/CN=Alternative Signing CA/"
-openssl ca -config openssl.cnf -name CA_root -extensions v3_ca -out test-alt-ca.crt -infiles test-alt-ca.csr
+openssl ca -batch -config openssl.cnf -name CA_root -extensions v3_ca -out test-alt-ca.crt -infiles test-alt-ca.csr
 
 # Valid server key and certificate.
 openssl genrsa -out server.key 1024
 openssl req -new -key server.key -out server.csr -config openssl.cnf -subj "${SBASESUBJ}/CN=localhost/"
-openssl ca -config openssl.cnf -name CA_signing -out server.crt -infiles server.csr 
+openssl ca -batch -config openssl.cnf -name CA_signing -out server.crt -infiles server.csr 
 
 # Expired server certificate, based on the above server key.
 openssl req -new -days 1 -key server.key -out server-expired.csr -config openssl.cnf -subj "${SBASESUBJ}/CN=localhost/"
-openssl ca -config openssl.cnf -name CA_signing -days 1 -startdate 120820000000Z -enddate 120821000000Z -out server-expired.crt -infiles server-expired.csr 
+openssl ca -batch -config openssl.cnf -name CA_signing -days 1 -startdate 120820000000Z -enddate 120821000000Z -out server-expired.crt -infiles server-expired.csr 
 
 # Valid client key and certificate.
 openssl genrsa -out client.key 1024
 openssl req -new -key client.key -out client.csr -config openssl.cnf -subj "${SBASESUBJ}/CN=test client/"
-openssl ca -config openssl.cnf -name CA_signing -out client.crt -infiles client.csr 
+openssl ca -batch -config openssl.cnf -name CA_signing -out client.crt -infiles client.csr 
 
 # Expired client certificate, based on the above client key.
 openssl req -new -days 1 -key client.key -out client-expired.csr -config openssl.cnf -subj "${SBASESUBJ}/CN=test client expired/"
-openssl ca -config openssl.cnf -name CA_signing -days 1 -startdate 120820000000Z -enddate 120821000000Z -out client-expired.crt -infiles client-expired.csr 
+openssl ca -batch -config openssl.cnf -name CA_signing -days 1 -startdate 120820000000Z -enddate 120821000000Z -out client-expired.crt -infiles client-expired.csr 
 
 # Revoked client certificate, based on a new client key.
 openssl genrsa -out client-revoked.key 1024
 openssl req -new -days 1 -key client-revoked.key -out client-revoked.csr -config openssl.cnf -subj "${SBASESUBJ}/CN=test client revoked/"
-openssl ca -config openssl.cnf -name CA_signing -out client-revoked.crt -infiles client-revoked.csr 
-openssl ca -config openssl.cnf -name CA_signing -revoke client-revoked.crt
-openssl ca -config openssl.cnf -name CA_signing -gencrl -out crl.pem
+openssl ca -batch -config openssl.cnf -name CA_signing -out client-revoked.crt -infiles client-revoked.csr 
+openssl ca -batch -config openssl.cnf -name CA_signing -revoke client-revoked.crt
+openssl ca -batch -config openssl.cnf -name CA_signing -gencrl -out crl.pem
 
 # Valid client key and certificate, encrypted (use "password" as password)
-openssl genrsa -des3 -out client-encrypted.key 1024
-openssl req -new -key client-encrypted.key -out client-encrypted.csr -config openssl.cnf -subj "${SBASESUBJ}/CN=test client encrypted/"
-openssl ca -config openssl.cnf -name CA_signing -out client-encrypted.crt -infiles client-encrypted.csr
+openssl genrsa -des3 -out client-encrypted.key -passout pass:password 1024
+openssl req -new -key client-encrypted.key -out client-encrypted.csr -config openssl.cnf -subj "${SBASESUBJ}/CN=test client encrypted/" -passin pass:password
+openssl ca -batch -config openssl.cnf -name CA_signing -out client-encrypted.crt -infiles client-encrypted.csr
 
 cat test-signing-ca.crt test-root-ca.crt > all-ca.crt
 #mkdir certs