yujunjun/playwright
1
0
Fork 0
mirror of https://github.com/microsoft/playwright.git synced 2025-06-26 21:40:17 +00:00
Code Issues Packages Projects Releases Wiki Activity
playwright/tests/assets/client-certificates
History
Noritaka Kobayashi f4d655adcc
chore: fix typos (#36091)
2025-05-29 11:17:13 -07:00
..
client
feat(firefox): support custom policies.json (#35926)
2025-05-14 09:38:24 +01:00
server
README.md
chore: fix typos (#36091)
2025-05-29 11:17:13 -07:00

README.md

Client Certificate test-certificates

Server

openssl req \
	-x509 \
	-newkey rsa:4096 \
	-keyout server/server_key.pem \
	-out server/server_cert.pem \
	-nodes \
	-days 365 \
	-subj "/CN=localhost/O=Client\ Certificate\ Demo" \
	-addext "subjectAltName=DNS:localhost,DNS:local.playwright"

Trusted client-certificate (server signed/valid)

mkdir -p client/trusted
# generate server-signed (valid) certificate
openssl req \
	-newkey rsa:4096 \
	-keyout client/trusted/key.pem \
	-out client/trusted/csr.pem \
	-nodes \
	-days 365 \
	-subj "/CN=Alice"

# sign with server_cert.pem
openssl x509 \
	-req \
	-in client/trusted/csr.pem \
	-CA server/server_cert.pem \
	-CAkey server/server_key.pem \
	-out client/trusted/cert.pem \
	-set_serial 01 \
	-days 365
# create pfx
openssl pkcs12 -export -out client/trusted/cert.pfx -inkey client/trusted/key.pem -in client/trusted/cert.pem -passout pass:secure

Trusted certificate for localhost (server signed/valid)

mkdir -p client/localhost

# generate server-signed (valid) certificate
openssl req \
	-newkey rsa:4096 \
	-keyout client/localhost/localhost.key \
	-out client/localhost/localhost.csr \
	-nodes \
	-days 365 \
	-subj "/CN=localhost" \
  -addext "subjectAltName=DNS:localhost,DNS:127.0.0.1"

# put extensions
echo "subjectAltName=DNS:localhost,DNS:127.0.0.1" > client/localhost/localhost.ext

# sign with server_cert.pem
openssl x509 \
	-req \
	-in client/localhost/localhost.csr \
	-CA server/server_cert.pem \
	-CAkey server/server_key.pem \
	-set_serial 01 \
	-out client/localhost/localhost.pem \
	-days 365 \
  -extfile client/localhost/localhost.ext

Self-signed certificate (invalid)

mkdir -p client/self-signed
openssl req \
	-newkey rsa:4096 \
	-keyout client/self-signed/key.pem \
	-out client/self-signed/csr.pem \
	-nodes \
	-days 365 \
	-subj "/CN=Bob"

# sign with self-signed/key.pem
openssl x509 \
	-req \
	-in client/self-signed/csr.pem \
	-signkey client/self-signed/key.pem \
	-out client/self-signed/cert.pem \
	-days 365