Extend test cert to 2049-05-27
Extend test cert to 2049-05-27 instead of expiring in 2024-02-29
This update did not trigger y2038 bugs on 32-bit systems.
Without this patch, one test fails after 2024: doit:124: rsa pss key: gnutls_x509_crt_verify_data2 | FAIL x509sign-verify (exit status: 1)
Background: As part of my work on reproducible builds for openSUSE, I check that software still gives identical build results in the future. The usual offset is +15 years, because that is how long I expect some software will be used in some places. This showed up failing tests in our package build. See https://reproducible-builds.org/ for why this matters.
Signed-off-by:with name/author being identical to the commit author
- Code modified for feature
- Test suite updated with functionality tests
- Test suite updated with negative tests
- Documentation updated / NEWS entry present (for non-trivial changes)
- CI timeout is 2h or higher (see Settings/CICD/General pipelines/Timeout)
- Any issues marked for closing are addressed
- There is a test suite reasonably covering new functionality or modifications
Function naming, parameters, return values, types, etc., are consistent and according to
- This feature/change has adequate documentation added
- No obvious mistakes in the code
Note: I used certtool -u to create the new cert, but am unsure why it is 2 lines shorter than the old one.
Edit: using a newer version of certtool with
--sign-params=RSA-PSS --key-type rsa-pss --salt-size=32 helped.