feat: crl support, metrics

2025-01-21 08:33:49 +01:00
parent f0332b21b2
commit 8844427927
9 changed files with 207 additions and 46 deletions
--- a/test.sh
+++ b/test.sh
@@ -1 +1,15 @@
-openssl ocsp -CAfile ../../ca/ca.crt -url http://127.0.0.1:8080 -issuer ../../ca/ca.crt -resp_text -cert ../../test.crt
+#!/usr/bin/env bash
+set -xeou pipefail
+
+# go run main.go --responder.certificate-path ../tinypki/ca/ca.crt --responder.key-path ../tinypki/ca/ca.key --ca-crt-path ../tinypki/ca/ca.crt --source.file.path ../tinypki/root.crl
+
+ca_dir="$(dirname $(readlink -f $0))/../tinypki"
+ocsp_url="$(openssl x509 -noout -ocsp_uri -in $ca_dir/dev-server.crt)"
+openssl ocsp \
+  -CAfile $ca_dir/ca/ca.crt \
+  -url "$ocsp_url" \
+  -issuer $ca_dir/ca/ca.crt \
+  -resp_text \
+  -cert $ca_dir/dev-server.crt
+
+openssl verify -crl_check -crl_download -CAfile $ca_dir/ca/ca.crt $ca_dir/dev-server.crt