test "Revoking certificate" {
set revoking_cert $::test::ca/newcerts/[string trim [getFile $::test::ca/serial.old]].pem
append serial_list [regsub "serial=" [openssl "x509 -in $revoking_cert -noout -serial"] " Serial Number: "]
- grep "Data Base" [openssl "ca -crl_reason keyCompromize -crl_compromise [clock\
- format [clock seconds] -format %Y%m%d%H%M%SZ] -revoke $revoking_cert -config $::test::ca/ca.conf"]
-} 0 "Data Base Updated
+ string map {"Data Base" Database Updated updated} [ grep "Data" [openssl "ca -crl_reason keyCompromize -crl_compromise [clock\
+ format [clock seconds] -format %Y%m%d%H%M%SZ] -revoke $revoking_cert -config $::test::ca/ca.conf"] ]
+} 0 "Database updated
"
test -createsfiles test.crl "Generating CRL" {
openssl "ca -gencrl -config $::test::ca/ca.conf -out test.crl"
test -skip {![file exists test.crl]} "Displaying CRL" {
- grep "(Serial|Version|Signature Alg|Issuer)" [openssl "crl -text -noout -in test.crl"]
+ regsub -all " = " [grep "(Serial|Version|Signature Alg|Issuer)" [openssl "crl -text -noout -in test.crl"] ] "="
} 0 " Version 2 (0x1)
Signature Algorithm: [hash_with_sign_long_name $ca_alg]
- Issuer: C = RU, L = Moscow, CN = Test CA $ca_alg, O = Cryptocom, OU = OpenSSL CA, emailAddress = openssl@cryptocom.ru
+ Issuer: C=RU, L=Moscow, CN=Test CA $ca_alg, O=Cryptocom, OU=OpenSSL CA, emailAddress=openssl@cryptocom.ru
$serial_list Signature Algorithm: [hash_with_sign_long_name $ca_alg]
"