From badb11d00a8cee48e9306e8de818b45b5a29082a Mon Sep 17 00:00:00 2001
From: Heikki Hannikainen <hessu@hes.iki.fi>
Date: Tue, 1 Nov 2022 20:15:33 +0200
Subject: [PATCH] tests: Create a client cert in Makefile

---
 tests/Makefile         | 14 ++++++++++++--
 tests/tls-openssl.conf |  2 +-
 2 files changed, 13 insertions(+), 3 deletions(-)

diff --git a/tests/Makefile b/tests/Makefile
index 2625db4..53cf0cb 100644
--- a/tests/Makefile
+++ b/tests/Makefile
@@ -31,7 +31,7 @@ aggrtest:
 	PERL_DL_NONLAZY=1 $(PERL) "-MExtUtils::Command::MM" "-e" "test_harness($(TEST_VERBOSE), '$(INST_LIB)', '$(INST_ARCHLIB)')" $(AGGREGATOR_FILES)
 
 tls-testca: tls-testca/cacert.pem
-tls-testcert: tls-testca cfg-aprsc/tls1-cert.pem
+tls-testcert: tls-testca cfg-aprsc/tls1-cert.pem cfg-aprsc/tls-client-cert.pem
 
 tls-testca/serial:
 	mkdir -p tls-testca tmp
@@ -43,7 +43,7 @@ tls-testca/cacert.pem: tls-testca/serial
 	openssl req -x509 -new -nodes -newkey rsa:2048 -keyout tls-testca/private/cakey.pem -sha256 -days 7300 \
 		-subj "/O=aprsc TEST/OU=Testing Department/CN=Testing CA" -out tls-testca/cacert.pem
 
-cfg-aprsc/tls1-cert.pem:
+cfg-aprsc/tls1-cert.pem: tls-testca/cacert.pem
 	openssl req -new -config tls-openssl.conf \
 		-keyout cfg-aprsc/tls1-key.pem -out tmp/tls1-req.pem \
 		-newkey rsa:2048 -nodes -sha256 \
@@ -53,3 +53,13 @@ cfg-aprsc/tls1-cert.pem:
 		-in tmp/tls1-req.pem -out cfg-aprsc/tls1-cert.pem \
 		-days 3650
 
+cfg-aprsc/tls-client-cert.pem: tls-testca/cacert.pem
+	openssl req -new -config tls-openssl.conf \
+		-keyout cfg-aprsc/tls-client-key.pem -out tmp/tls-client-req.pem \
+		-newkey rsa:2048 -nodes -sha256 \
+		-subj "/O=aprsc TEST/callSign=N5CAL"
+
+	openssl ca -config tls-openssl.conf -batch \
+		-in tmp/tls-client-req.pem -out cfg-aprsc/tls-client-cert.pem \
+		-days 3650
+
diff --git a/tests/tls-openssl.conf b/tests/tls-openssl.conf
index be7cdda..10dfc84 100644
--- a/tests/tls-openssl.conf
+++ b/tests/tls-openssl.conf
@@ -42,7 +42,7 @@ policy          = policy_client
 callSign                = optional
 organizationName        = optional
 organizationalUnitName  = optional
-commonName              = supplied
+commonName              = optional
 emailAddress            = optional
 
 [ req ]