@@ -18,12 +18,29 @@ os::cmd::expect_success_and_not_text \
18
18
--overwrite=true" \
19
19
' WARNING: .* is greater than 5 years'
20
20
21
+ os::cmd::expect_success_and_text " cat '${CERT_DIR} /ca.serial.txt'" ' 00'
22
+ os::cmd::expect_success_and_text " tail -c 1 '${CERT_DIR} /ca.serial.txt' | wc -l" ' 1' # check for newline at end
23
+
21
24
expected_year=" $( TZ=GMT date -d " +$(( 365 * 5 )) days" +' %Y' ) "
22
25
23
26
os::cmd::expect_success_and_text \
24
27
" openssl x509 -in '${CERT_DIR} /ca.crt' -enddate -noout | awk '{print \$ 4}'" \
25
28
" ${expected_year} "
26
29
30
+ # Make a cert with the CA to see the counter increment
31
+ # We can then check to see if it gets reset due to overwrite
32
+ os::cmd::expect_success \
33
+ " oc adm create-api-client-config \
34
+ --client-dir='${CERT_DIR} ' \
35
+ --user=some-user \
36
+ --certificate-authority='${CERT_DIR} /ca.crt' \
37
+ --signer-cert='${CERT_DIR} /ca.crt' \
38
+ --signer-key='${CERT_DIR} /ca.key' \
39
+ --signer-serial='${CERT_DIR} /ca.serial.txt'"
40
+
41
+ os::cmd::expect_success_and_text " cat '${CERT_DIR} /ca.serial.txt'" ' 01'
42
+ os::cmd::expect_success_and_text " tail -c 1 '${CERT_DIR} /ca.serial.txt' | wc -l" ' 1' # check for newline at end
43
+
27
44
# oc adm ca create-signer-cert should generate certificate with specified number of days and show warning
28
45
os::cmd::expect_success_and_text \
29
46
" oc adm ca create-signer-cert --cert='${CERT_DIR} /ca.crt' \
@@ -33,6 +50,9 @@ os::cmd::expect_success_and_text \
33
50
--expire-days=$(( 365 * 6 )) " \
34
51
' WARNING: .* is greater than 5 years'
35
52
53
+ os::cmd::expect_success_and_text " cat '${CERT_DIR} /ca.serial.txt'" ' 00'
54
+ os::cmd::expect_success_and_text " tail -c 1 '${CERT_DIR} /ca.serial.txt' | wc -l" ' 1' # check for newline at end
55
+
36
56
expected_year=" $( TZ=GMT date -d " +$(( 365 * 6 )) days" +' %Y' ) "
37
57
38
58
os::cmd::expect_success_and_text \
@@ -58,6 +78,9 @@ os::cmd::expect_success_and_not_text \
58
78
--signer-serial='${CERT_DIR} /ca.serial.txt'" \
59
79
' WARNING: .* is greater than 2 years'
60
80
81
+ os::cmd::expect_success_and_text " cat '${CERT_DIR} /ca.serial.txt'" ' 02'
82
+ os::cmd::expect_success_and_text " tail -c 1 '${CERT_DIR} /ca.serial.txt' | wc -l" ' 1' # check for newline at end
83
+
61
84
expected_year=" $( TZ=GMT date -d " +$(( 365 * 2 )) days" +' %Y' ) "
62
85
for CERT_FILE in master-client.crt server.crt; do
63
86
os::cmd::expect_success_and_text \
@@ -84,6 +107,9 @@ os::cmd::expect_success_and_text \
84
107
--expire-days=$(( 365 * 3 )) " \
85
108
' WARNING: .* is greater than 2 years'
86
109
110
+ os::cmd::expect_success_and_text " cat '${CERT_DIR} /ca.serial.txt'" ' 04'
111
+ os::cmd::expect_success_and_text " tail -c 1 '${CERT_DIR} /ca.serial.txt' | wc -l" ' 1' # check for newline at end
112
+
87
113
expected_year=" $( TZ=GMT date -d " +$(( 365 * 3 )) days" +' %Y' ) "
88
114
89
115
for CERT_FILE in master-client.crt server.crt; do
@@ -106,6 +132,10 @@ os::cmd::expect_success_and_not_text \
106
132
--signer-serial='${CERT_DIR} /ca.serial.txt'" \
107
133
' WARNING: .* is greater than 2 years'
108
134
135
+
136
+ os::cmd::expect_success_and_text " cat '${CERT_DIR} /ca.serial.txt'" ' 05'
137
+ os::cmd::expect_success_and_text " tail -c 1 '${CERT_DIR} /ca.serial.txt' | wc -l" ' 1' # check for newline at end
138
+
109
139
expected_year=" $( TZ=GMT date -d " +$(( 365 * 2 )) days" +' %Y' ) "
110
140
os::cmd::expect_success_and_text \
111
141
" openssl x509 -in '${CERT_DIR} /test-user.crt' -enddate -noout | awk '{print \$ 4}'" \
@@ -125,6 +155,9 @@ os::cmd::expect_success_and_text \
125
155
--expire-days=$(( 365 * 3 )) " \
126
156
' WARNING: .* is greater than 2 years'
127
157
158
+ os::cmd::expect_success_and_text " cat '${CERT_DIR} /ca.serial.txt'" ' 06'
159
+ os::cmd::expect_success_and_text " tail -c 1 '${CERT_DIR} /ca.serial.txt' | wc -l" ' 1' # check for newline at end
160
+
128
161
expected_year=" $( TZ=GMT date -d " +$(( 365 * 3 )) days" +' %Y' ) "
129
162
os::cmd::expect_success_and_text \
130
163
" openssl x509 -in '${CERT_DIR} /test-user.crt' -enddate -noout | awk '{print \$ 4}'" \
@@ -143,6 +176,9 @@ os::cmd::expect_success_and_not_text \
143
176
--key='${CERT_DIR} /example.org.key'" \
144
177
' WARNING: .* is greater than 2 years'
145
178
179
+ os::cmd::expect_success_and_text " cat '${CERT_DIR} /ca.serial.txt'" ' 07'
180
+ os::cmd::expect_success_and_text " tail -c 1 '${CERT_DIR} /ca.serial.txt' | wc -l" ' 1' # check for newline at end
181
+
146
182
expected_year=" $( TZ=GMT date -d " +$(( 365 * 2 )) days" +' %Y' ) "
147
183
148
184
os::cmd::expect_success_and_text \
@@ -161,6 +197,9 @@ os::cmd::expect_success_and_text \
161
197
--expire-days=$(( 365 * 3 )) " \
162
198
' WARNING: .* is greater than 2 years'
163
199
200
+ os::cmd::expect_success_and_text " cat '${CERT_DIR} /ca.serial.txt'" ' 08'
201
+ os::cmd::expect_success_and_text " tail -c 1 '${CERT_DIR} /ca.serial.txt' | wc -l" ' 1' # check for newline at end
202
+
164
203
expected_year=" $( TZ=GMT date -d " +$(( 365 * 3 )) days" +' %Y' ) "
165
204
166
205
os::cmd::expect_success_and_text \
0 commit comments