Open Bug 1117750 Opened 10 years ago Updated 2 years ago

Look into generating the testing profile certificate databases at certificate generation time or build-time


(Testing :: Mochitest, defect)



(Not tracked)


(Reporter: ted, Unassigned)


Right now we have this Python script that generates our CA certificate and test server certificates:

We run this script when we need to change our testing certificates in some fundamental way (the CA cert has expired, or we need to add or remove server certs) and we commit the resulting files:

At test runtime, the Mochitest harness uses those checked-in certs to fill a cert DB in the testing profile:

Of course this requires runnable versions of certutil/pk12util at test runtime, which means for cross-compile scenarios (Android/B2G) we need to have those in the hostutils package.

I believe we could instead just do the profile cert DB generation in and commit the results to the tree. This would essentially involve taking the code from and moving it into, and then committing the results, ensuring that they get copied to a useful place in the test package, and then modifying the code to simply copy them to the testing profile. This would simplify things at test runtime, which is always nice.
Severity: normal → S3
You need to log in before you can comment on or make changes to this bug.