Input buildinfo: https://buildinfos.debian.net/buildinfo-pool/r/ruby-certificate-authority/ruby-certificate-authority_0.2.0~434c15cd-1_all.buildinfo Use metasnap for getting required timestamps New buildinfo file: /tmp/ruby-certificate-authority-0.2.0~434c15cd-1bo_w6fj6/ruby-certificate-authority_0.2.0~434c15cd-1_all.buildinfo Get source package info: ruby-certificate-authority=0.2.0~434c15cd-1 Source URL: http://snapshot.notset.fr/mr/package/ruby-certificate-authority/0.2.0~434c15cd-1/srcfiles?fileinfo=1 env -i PATH=/usr/sbin:/usr/bin:/sbin:/bin TMPDIR=/tmp mmdebstrap --arch=amd64 --include=autoconf=2.69-11 automake=1:1.15.1-3 autopoint=0.19.8.1-4 autotools-dev=20171216.1 base-files=10.1 base-passwd=3.5.44 bash=4.4.18-1 binutils=2.30-2 binutils-common=2.30-2 binutils-x86-64-linux-gnu=2.30-2 bsdmainutils=11.1.2 bsdutils=1:2.30.2-0.3 build-essential=12.4 bzip2=1.0.6-8.1 ca-certificates=20170717 coreutils=8.28-1 cpp=4:7.2.0-1d1 cpp-7=7.3.0-1 dash=0.5.8-2.10 debconf=1.5.65 debhelper=11.1.4 debianutils=4.8.4 devscripts=2.17.12 dh-autoreconf=16 dh-python=2.20170125 dh-strip-nondeterminism=0.040-1 diffutils=1:3.6-1 dpkg=1.19.0.5 dpkg-dev=1.19.0.5 e2fslibs=1.43.8-2 e2fsprogs=1.43.8-2 fdisk=2.30.2-0.3 file=1:5.32-1 findutils=4.6.0+git+20170828-2 g++=4:7.2.0-1d1 g++-7=7.3.0-1 gcc=4:7.2.0-1d1 gcc-7=7.3.0-1 gcc-7-base=7.3.0-1 gcc-8-base=8-20180207-2 gem2deb=0.36 gem2deb-test-runner=0.36 gettext=0.19.8.1-4 gettext-base=0.19.8.1-4 grep=3.1-2 groff-base=1.22.3-10 gzip=1.6-5+b1 hostname=3.20 init-system-helpers=1.51 intltool-debian=0.35.0+20060710.4 libacl1=2.2.52-3+b1 libarchive-zip-perl=1.60-1 libasan4=7.3.0-1 libatomic1=8-20180207-2 libattr1=1:2.4.47-2+b2 libaudit-common=1:2.8.2-1 libaudit1=1:2.8.2-1 libbinutils=2.30-2 libblkid1=2.30.2-0.3 libbsd0=0.8.7-1 libbz2-1.0=1.0.6-8.1 libc-bin=2.26-6 libc-dev-bin=2.26-6 libc6=2.26-6 libc6-dev=2.26-6 libcap-ng0=0.7.7-3.1+b1 libcc1-0=8-20180207-2 libcilkrts5=7.3.0-1 libcomerr2=1.43.8-2 libcroco3=0.6.12-2 libdb5.3=5.3.28-13.1+b1 libdebconfclient0=0.240 libdpkg-perl=1.19.0.5 libexpat1=2.2.5-3 libfdisk1=2.30.2-0.3 libffi6=3.2.1-8 libfile-homedir-perl=1.002-1 libfile-stripnondeterminism-perl=0.040-1 libfile-which-perl=1.21-1 libgcc-7-dev=7.3.0-1 libgcc1=1:8-20180207-2 libgcrypt20=1.8.1-4 libgdbm3=1.8.3-14 libgdbm5=1.14.1-2 libglib2.0-0=2.54.3-2 libgmp-dev=2:6.1.2+dfsg-2 libgmp10=2:6.1.2+dfsg-2 libgmpxx4ldbl=2:6.1.2+dfsg-2 libgomp1=8-20180207-2 libgpg-error0=1.27-6 libicu57=57.1-8 libisl15=0.18-1 libitm1=8-20180207-2 libjs-jquery=3.2.1-1 libjs-jquery-easing=12-1 libjs-jquery-fancybox=12-1 libjs-jquery-mousewheel=12-1 libjs-jquery-ui=1.12.1+dfsg-5 liblsan0=8-20180207-2 liblz4-1=0.0~r131-2+b1 liblzma5=5.2.2-1.3 libmagic-mgc=1:5.32-1 libmagic1=1:5.32-1 libmount1=2.30.2-0.3 libmpc3=1.1.0-1 libmpdec2=2.4.2-1 libmpfr6=4.0.1-1 libmpx2=8-20180207-2 libncurses5=6.0+20171125-1 libncursesw5=6.0+20171125-1 libpam-modules=1.1.8-3.7 libpam-modules-bin=1.1.8-3.7 libpam-runtime=1.1.8-3.7 libpam0g=1.1.8-3.7 libpcre3=2:8.39-9 libperl5.26=5.26.1-4+b1 libpipeline1=1.5.0-1 libpython3-stdlib=3.6.4-1 libpython3.6-minimal=3.6.4-3 libpython3.6-stdlib=3.6.4-3 libquadmath0=8-20180207-2 libreadline7=7.0-3 libruby2.3=2.3.6-2 libruby2.5=2.5.0-4 libseccomp2=2.3.1-2.1 libselinux1=2.7-2+b1 libsigsegv2=2.12-1 libsmartcols1=2.30.2-0.3 libsqlite3-0=3.22.0-1 libss2=1.43.8-2 libssl1.0.2=1.0.2n-1 libssl1.1=1.1.0g-2 libstdc++-7-dev=7.3.0-1 libstdc++6=8-20180207-2 libsystemd0=237-1 libtimedate-perl=2.3000-2 libtinfo5=6.0+20171125-1 libtool=2.4.6-2 libtsan0=8-20180207-2 libubsan0=7.3.0-1 libudev1=237-1 libunistring2=0.9.8-1 libuuid1=2.30.2-0.3 libxml2=2.9.4+dfsg1-6.1 libyaml-0-2=0.1.7-2 linux-libc-dev=4.14.13-1 login=1:4.5-1 m4=1.4.18-1 make=4.1-9.1 man-db=2.8.1-1 mawk=1.3.3-17+b3 mime-support=3.60 ncurses-base=6.0+20171125-1 ncurses-bin=6.0+20171125-1 openssl=1.1.0g-2 patch=2.7.5-1+b2 perl=5.26.1-4+b1 perl-base=5.26.1-4+b1 perl-modules-5.26=5.26.1-4 po-debconf=1.0.20 python3=3.6.4-1 python3-distutils=3.6.4-3 python3-lib2to3=3.6.4-3 python3-minimal=3.6.4-1 python3.6=3.6.4-3 python3.6-minimal=3.6.4-3 rake=12.3.0-1 readline-common=7.0-3 ruby=1:2.5~1 ruby-all-dev=1:2.5~1 ruby-coveralls=0.8.21-1 ruby-did-you-mean=1.0.0-2 ruby-diff-lcs=1.3-1 ruby-docile=1.1.5-2 ruby-domain-name=0.5.20160216-2 ruby-http-cookie=1.0.2-1 ruby-json=2.1.0+dfsg-1+b1 ruby-mime-types=3.1-1 ruby-mime-types-data=3.2015.1120-1 ruby-minitest=5.10.3-1 ruby-multi-json=1.12.1-1 ruby-net-telnet=0.1.1-2 ruby-netrc=0.11.0-1 ruby-power-assert=0.3.0-1 ruby-rest-client=2.0.2-3 ruby-rspec=3.7.0c1e0m0s1-1 ruby-rspec-core=3.7.0c1e0m0s1-1 ruby-rspec-expectations=3.7.0c1e0m0s1-1 ruby-rspec-mocks=3.7.0c1e0m0s1-1 ruby-rspec-support=3.7.0c1e0m0s1-1 ruby-setup=3.4.1-9 ruby-simplecov=0.14.1-1 ruby-simplecov-html=0.10.0-1 ruby-term-ansicolor=1.3.0-1 ruby-test-unit=3.2.5-1 ruby-thor=0.19.4-1 ruby-thread-order=1.1.0-1 ruby-tins=1.1.0-1 ruby-unf=0.1.4-2 ruby-unf-ext=0.0.7.4-1+b1 ruby2.3=2.3.6-2 ruby2.3-dev=2.3.6-2 ruby2.5=2.5.0-4 ruby2.5-dev=2.5.0-4 rubygems-integration=1.11 sed=4.4-2 sensible-utils=0.0.11 sysvinit-utils=2.88dsf-59.10 tar=1.29b-2 util-linux=2.30.2-0.3 xz-utils=5.2.2-1.3 zlib1g=1:1.2.8.dfsg-5 --variant=apt --aptopt=Acquire::Check-Valid-Until "false" --aptopt=Acquire::http::Dl-Limit "1000"; --aptopt=Acquire::https::Dl-Limit "1000"; --aptopt=Acquire::Retries "5"; --aptopt=APT::Get::allow-downgrades "true"; --keyring=/usr/share/keyrings/ --essential-hook=chroot "$1" sh -c "apt-get --yes install fakeroot util-linux" --essential-hook=copy-in /usr/share/keyrings/debian-archive-bullseye-automatic.gpg /usr/share/keyrings/debian-archive-bullseye-security-automatic.gpg /usr/share/keyrings/debian-archive-bullseye-stable.gpg /usr/share/keyrings/debian-archive-buster-automatic.gpg /usr/share/keyrings/debian-archive-buster-security-automatic.gpg /usr/share/keyrings/debian-archive-buster-stable.gpg /usr/share/keyrings/debian-archive-keyring.gpg /usr/share/keyrings/debian-archive-removed-keys.gpg /usr/share/keyrings/debian-archive-stretch-automatic.gpg /usr/share/keyrings/debian-archive-stretch-security-automatic.gpg /usr/share/keyrings/debian-archive-stretch-stable.gpg /usr/share/keyrings/debian-ports-archive-keyring-removed.gpg /usr/share/keyrings/debian-ports-archive-keyring.gpg /usr/share/keyrings/debian-keyring.gpg /etc/apt/trusted.gpg.d/ --essential-hook=chroot "$1" sh -c "rm /etc/apt/sources.list && echo 'deb http://snapshot.notset.fr/archive/debian/20210814T212851Z/ bookworm main deb-src http://snapshot.notset.fr/archive/debian/20210814T212851Z/ bookworm main deb http://snapshot.notset.fr/archive/debian/20180228T152956Z/ unstable main deb http://snapshot.notset.fr/archive/debian/20180208T102906Z/ unstable main' >> /etc/apt/sources.list && apt-get update" --customize-hook=chroot "$1" useradd --no-create-home -d /nonexistent -p "" builduser -s /bin/bash --customize-hook=chroot "$1" env sh -c "apt-get source --only-source -d ruby-certificate-authority=0.2.0~434c15cd-1 && mkdir -p /build/ruby-certificate-authority-GK7S1i && dpkg-source --no-check -x /*.dsc /build/ruby-certificate-authority-GK7S1i/ruby-certificate-authority-0.2.0-434c15cd && chown -R builduser:builduser /build/ruby-certificate-authority-GK7S1i" --customize-hook=chroot "$1" env --unset=TMPDIR runuser builduser -c "cd /build/ruby-certificate-authority-GK7S1i/ruby-certificate-authority-0.2.0-434c15cd && env DEB_BUILD_OPTIONS="parallel=4" LC_ALL="POSIX" SOURCE_DATE_EPOCH="1518364114" dpkg-buildpackage -uc -a amd64 --build=all" --customize-hook=sync-out /build/ruby-certificate-authority-GK7S1i /tmp/ruby-certificate-authority-0.2.0~434c15cd-1bo_w6fj6 buster /dev/null deb http://snapshot.notset.fr/archive/debian/20180208T102906Z unstable main I: automatically chosen mode: root I: chroot architecture amd64 is equal to the host's architecture I: automatically chosen format: tar I: using /tmp/mmdebstrap.FH1h3G7iuW as tempdir I: running apt-get update... I: downloading packages with apt... I: extracting archives... I: installing essential packages... I: running --essential-hook in shell: sh -c 'chroot "$1" sh -c "apt-get --yes install fakeroot util-linux"' exec /tmp/mmdebstrap.FH1h3G7iuW Reading package lists... Building dependency tree... util-linux is already the newest version (2.30.2-0.3). The following NEW packages will be installed: fakeroot libfakeroot 0 upgraded, 2 newly installed, 0 to remove and 0 not upgraded. Need to get 132 kB of archives. After this operation, 373 kB of additional disk space will be used. Get:1 http://snapshot.notset.fr/archive/debian/20180208T102906Z unstable/main amd64 libfakeroot amd64 1.22-2 [45.9 kB] Get:2 http://snapshot.notset.fr/archive/debian/20180208T102906Z unstable/main amd64 fakeroot amd64 1.22-2 [85.7 kB] debconf: delaying package configuration, since apt-utils is not installed Fetched 132 kB in 0s (796 kB/s) Selecting previously unselected package libfakeroot:amd64. (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 4426 files and directories currently installed.) Preparing to unpack .../libfakeroot_1.22-2_amd64.deb ... Unpacking libfakeroot:amd64 (1.22-2) ... Selecting previously unselected package fakeroot. Preparing to unpack .../fakeroot_1.22-2_amd64.deb ... Unpacking fakeroot (1.22-2) ... Processing triggers for libc-bin (2.26-6) ... Setting up libfakeroot:amd64 (1.22-2) ... Setting up fakeroot (1.22-2) ... update-alternatives: using /usr/bin/fakeroot-sysv to provide /usr/bin/fakeroot (fakeroot) in auto mode Processing triggers for libc-bin (2.26-6) ... I: running special hook: copy-in /usr/share/keyrings/debian-archive-bullseye-automatic.gpg /usr/share/keyrings/debian-archive-bullseye-security-automatic.gpg /usr/share/keyrings/debian-archive-bullseye-stable.gpg /usr/share/keyrings/debian-archive-buster-automatic.gpg /usr/share/keyrings/debian-archive-buster-security-automatic.gpg /usr/share/keyrings/debian-archive-buster-stable.gpg /usr/share/keyrings/debian-archive-keyring.gpg /usr/share/keyrings/debian-archive-removed-keys.gpg /usr/share/keyrings/debian-archive-stretch-automatic.gpg /usr/share/keyrings/debian-archive-stretch-security-automatic.gpg /usr/share/keyrings/debian-archive-stretch-stable.gpg /usr/share/keyrings/debian-ports-archive-keyring-removed.gpg /usr/share/keyrings/debian-ports-archive-keyring.gpg /usr/share/keyrings/debian-keyring.gpg /etc/apt/trusted.gpg.d/ I: running --essential-hook in shell: sh -c 'chroot "$1" sh -c "rm /etc/apt/sources.list && echo 'deb http://snapshot.notset.fr/archive/debian/20210814T212851Z/ bookworm main deb-src http://snapshot.notset.fr/archive/debian/20210814T212851Z/ bookworm main deb http://snapshot.notset.fr/archive/debian/20180228T152956Z/ unstable main deb http://snapshot.notset.fr/archive/debian/20180208T102906Z/ unstable main' >> /etc/apt/sources.list && apt-get update"' exec /tmp/mmdebstrap.FH1h3G7iuW Get:1 http://snapshot.notset.fr/archive/debian/20210814T212851Z bookworm InRelease [81.6 kB] Get:2 http://snapshot.notset.fr/archive/debian/20180228T152956Z unstable InRelease [241 kB] Hit:3 http://snapshot.notset.fr/archive/debian/20180208T102906Z unstable InRelease Ign:4 http://snapshot.notset.fr/archive/debian/20210814T212851Z bookworm/main Sources Ign:5 http://snapshot.notset.fr/archive/debian/20210814T212851Z bookworm/main amd64 Packages Ign:4 http://snapshot.notset.fr/archive/debian/20210814T212851Z bookworm/main Sources Ign:5 http://snapshot.notset.fr/archive/debian/20210814T212851Z bookworm/main amd64 Packages Get:4 http://snapshot.notset.fr/archive/debian/20210814T212851Z bookworm/main Sources [11.4 MB] Get:5 http://snapshot.notset.fr/archive/debian/20210814T212851Z bookworm/main amd64 Packages [11.1 MB] Ign:6 http://snapshot.notset.fr/archive/debian/20180228T152956Z unstable/main amd64 Packages Ign:6 http://snapshot.notset.fr/archive/debian/20180228T152956Z unstable/main amd64 Packages Get:6 http://snapshot.notset.fr/archive/debian/20180228T152956Z unstable/main amd64 Packages [10.6 MB] Fetched 33.4 MB in 28s (1186 kB/s) Reading package lists... I: installing remaining packages inside the chroot... I: running --customize-hook in shell: sh -c 'chroot "$1" useradd --no-create-home -d /nonexistent -p "" builduser -s /bin/bash' exec /tmp/mmdebstrap.FH1h3G7iuW I: running --customize-hook in shell: sh -c 'chroot "$1" env sh -c "apt-get source --only-source -d ruby-certificate-authority=0.2.0~434c15cd-1 && mkdir -p /build/ruby-certificate-authority-GK7S1i && dpkg-source --no-check -x /*.dsc /build/ruby-certificate-authority-GK7S1i/ruby-certificate-authority-0.2.0-434c15cd && chown -R builduser:builduser /build/ruby-certificate-authority-GK7S1i"' exec /tmp/mmdebstrap.FH1h3G7iuW Reading package lists... NOTICE: 'ruby-certificate-authority' packaging is maintained in the 'Git' version control system at: https://salsa.debian.org/ruby-team/ruby-certificate-authority.git Please use: git clone https://salsa.debian.org/ruby-team/ruby-certificate-authority.git to retrieve the latest (possibly unreleased) updates to the package. Need to get 64.3 kB of source archives. Get:1 http://snapshot.notset.fr/archive/debian/20210814T212851Z bookworm/main ruby-certificate-authority 0.2.0~434c15cd-1 (dsc) [2287 B] Get:2 http://snapshot.notset.fr/archive/debian/20210814T212851Z bookworm/main ruby-certificate-authority 0.2.0~434c15cd-1 (tar) [57.4 kB] Get:3 http://snapshot.notset.fr/archive/debian/20210814T212851Z bookworm/main ruby-certificate-authority 0.2.0~434c15cd-1 (diff) [4596 B] Fetched 64.3 kB in 0s (561 kB/s) Download complete and in download only mode W: Download is performed unsandboxed as root as file 'ruby-certificate-authority_0.2.0~434c15cd-1.dsc' couldn't be accessed by user '_apt'. - pkgAcquire::Run (13: Permission denied) dpkg-source: info: extracting ruby-certificate-authority in /build/ruby-certificate-authority-GK7S1i/ruby-certificate-authority-0.2.0-434c15cd dpkg-source: info: unpacking ruby-certificate-authority_0.2.0~434c15cd.orig.tar.gz dpkg-source: info: unpacking ruby-certificate-authority_0.2.0~434c15cd-1.debian.tar.xz dpkg-source: info: applying 002_disable_pkcs11_pkey_ref dpkg-source: info: applying 003_fix_generated_csr dpkg-source: info: applying 0004-Let-ruby-find-certificate-authority-in-specs.patch I: running --customize-hook in shell: sh -c 'chroot "$1" env --unset=TMPDIR runuser builduser -c "cd /build/ruby-certificate-authority-GK7S1i/ruby-certificate-authority-0.2.0-434c15cd && env DEB_BUILD_OPTIONS="parallel=4" LC_ALL="POSIX" SOURCE_DATE_EPOCH="1518364114" dpkg-buildpackage -uc -a amd64 --build=all"' exec /tmp/mmdebstrap.FH1h3G7iuW dpkg-buildpackage: info: source package ruby-certificate-authority dpkg-buildpackage: info: source version 0.2.0~434c15cd-1 dpkg-buildpackage: info: source distribution unstable dpkg-buildpackage: info: source changed by Sebastien Badia dpkg-source --before-build ruby-certificate-authority-0.2.0-434c15cd fakeroot debian/rules clean dh clean --buildsystem=ruby --with ruby dh_auto_clean -O--buildsystem=ruby dh_ruby --clean dh_ruby --clean dh_clean -O--buildsystem=ruby debian/rules build-indep dh build-indep --buildsystem=ruby --with ruby dh_update_autotools_config -i -O--buildsystem=ruby dh_autoreconf -i -O--buildsystem=ruby dh_auto_configure -i -O--buildsystem=ruby dh_ruby --configure dh_auto_build -i -O--buildsystem=ruby dh_ruby --build dh_ruby --build dh_auto_test -i -O--buildsystem=ruby dh_ruby --test create-stamp debian/debhelper-build-stamp fakeroot debian/rules binary-indep dh binary-indep --buildsystem=ruby --with ruby dh_testroot -i -O--buildsystem=ruby dh_prep -i -O--buildsystem=ruby dh_auto_install -i -O--buildsystem=ruby dh_ruby --install /build/ruby-certificate-authority-GK7S1i/ruby-certificate-authority-0.2.0-434c15cd/debian/ruby-certificate-authority dh_ruby --install ┌──────────────────────────────────────────────────────────────────────────────┐ │ Install files │ └──────────────────────────────────────────────────────────────────────────────┘ install -d /build/ruby-certificate-authority-GK7S1i/ruby-certificate-authority-0.2.0-434c15cd/debian/ruby-certificate-authority/usr/lib/ruby/vendor_ruby install -D -m644 /build/ruby-certificate-authority-GK7S1i/ruby-certificate-authority-0.2.0-434c15cd/lib/certificate_authority/serial_number.rb /build/ruby-certificate-authority-GK7S1i/ruby-certificate-authority-0.2.0-434c15cd/debian/ruby-certificate-authority/usr/lib/ruby/vendor_ruby/certificate_authority/serial_number.rb install -D -m644 /build/ruby-certificate-authority-GK7S1i/ruby-certificate-authority-0.2.0-434c15cd/lib/certificate_authority/certificate_revocation_list.rb /build/ruby-certificate-authority-GK7S1i/ruby-certificate-authority-0.2.0-434c15cd/debian/ruby-certificate-authority/usr/lib/ruby/vendor_ruby/certificate_authority/certificate_revocation_list.rb install -D -m644 /build/ruby-certificate-authority-GK7S1i/ruby-certificate-authority-0.2.0-434c15cd/lib/certificate_authority/extensions.rb /build/ruby-certificate-authority-GK7S1i/ruby-certificate-authority-0.2.0-434c15cd/debian/ruby-certificate-authority/usr/lib/ruby/vendor_ruby/certificate_authority/extensions.rb install -D -m644 /build/ruby-certificate-authority-GK7S1i/ruby-certificate-authority-0.2.0-434c15cd/lib/certificate_authority/signing_request.rb /build/ruby-certificate-authority-GK7S1i/ruby-certificate-authority-0.2.0-434c15cd/debian/ruby-certificate-authority/usr/lib/ruby/vendor_ruby/certificate_authority/signing_request.rb install -D -m644 /build/ruby-certificate-authority-GK7S1i/ruby-certificate-authority-0.2.0-434c15cd/lib/certificate_authority/signing_entity.rb /build/ruby-certificate-authority-GK7S1i/ruby-certificate-authority-0.2.0-434c15cd/debian/ruby-certificate-authority/usr/lib/ruby/vendor_ruby/certificate_authority/signing_entity.rb install -D -m644 /build/ruby-certificate-authority-GK7S1i/ruby-certificate-authority-0.2.0-434c15cd/lib/certificate_authority/ocsp_handler.rb /build/ruby-certificate-authority-GK7S1i/ruby-certificate-authority-0.2.0-434c15cd/debian/ruby-certificate-authority/usr/lib/ruby/vendor_ruby/certificate_authority/ocsp_handler.rb install -D -m644 /build/ruby-certificate-authority-GK7S1i/ruby-certificate-authority-0.2.0-434c15cd/lib/certificate_authority/certificate.rb /build/ruby-certificate-authority-GK7S1i/ruby-certificate-authority-0.2.0-434c15cd/debian/ruby-certificate-authority/usr/lib/ruby/vendor_ruby/certificate_authority/certificate.rb install -D -m644 /build/ruby-certificate-authority-GK7S1i/ruby-certificate-authority-0.2.0-434c15cd/lib/certificate_authority/pkcs11_key_material.rb /build/ruby-certificate-authority-GK7S1i/ruby-certificate-authority-0.2.0-434c15cd/debian/ruby-certificate-authority/usr/lib/ruby/vendor_ruby/certificate_authority/pkcs11_key_material.rb install -D -m644 /build/ruby-certificate-authority-GK7S1i/ruby-certificate-authority-0.2.0-434c15cd/lib/certificate_authority/revocable.rb /build/ruby-certificate-authority-GK7S1i/ruby-certificate-authority-0.2.0-434c15cd/debian/ruby-certificate-authority/usr/lib/ruby/vendor_ruby/certificate_authority/revocable.rb install -D -m644 /build/ruby-certificate-authority-GK7S1i/ruby-certificate-authority-0.2.0-434c15cd/lib/certificate_authority/key_material.rb /build/ruby-certificate-authority-GK7S1i/ruby-certificate-authority-0.2.0-434c15cd/debian/ruby-certificate-authority/usr/lib/ruby/vendor_ruby/certificate_authority/key_material.rb install -D -m644 /build/ruby-certificate-authority-GK7S1i/ruby-certificate-authority-0.2.0-434c15cd/lib/certificate_authority/validations.rb /build/ruby-certificate-authority-GK7S1i/ruby-certificate-authority-0.2.0-434c15cd/debian/ruby-certificate-authority/usr/lib/ruby/vendor_ruby/certificate_authority/validations.rb install -D -m644 /build/ruby-certificate-authority-GK7S1i/ruby-certificate-authority-0.2.0-434c15cd/lib/certificate_authority/core_extensions.rb /build/ruby-certificate-authority-GK7S1i/ruby-certificate-authority-0.2.0-434c15cd/debian/ruby-certificate-authority/usr/lib/ruby/vendor_ruby/certificate_authority/core_extensions.rb install -D -m644 /build/ruby-certificate-authority-GK7S1i/ruby-certificate-authority-0.2.0-434c15cd/lib/certificate_authority/distinguished_name.rb /build/ruby-certificate-authority-GK7S1i/ruby-certificate-authority-0.2.0-434c15cd/debian/ruby-certificate-authority/usr/lib/ruby/vendor_ruby/certificate_authority/distinguished_name.rb install -D -m644 /build/ruby-certificate-authority-GK7S1i/ruby-certificate-authority-0.2.0-434c15cd/lib/tasks/certificate_authority.rake /build/ruby-certificate-authority-GK7S1i/ruby-certificate-authority-0.2.0-434c15cd/debian/ruby-certificate-authority/usr/lib/ruby/vendor_ruby/tasks/certificate_authority.rake install -D -m644 /build/ruby-certificate-authority-GK7S1i/ruby-certificate-authority-0.2.0-434c15cd/lib/certificate_authority.rb /build/ruby-certificate-authority-GK7S1i/ruby-certificate-authority-0.2.0-434c15cd/debian/ruby-certificate-authority/usr/lib/ruby/vendor_ruby/certificate_authority.rb ┌──────────────────────────────────────────────────────────────────────────────┐ │ Install Rubygems integration metadata │ └──────────────────────────────────────────────────────────────────────────────┘ generating gemspec at /build/ruby-certificate-authority-GK7S1i/ruby-certificate-authority-0.2.0-434c15cd/debian/ruby-certificate-authority/usr/share/rubygems-integration/all/specifications/certificate_authority-0.2.0.gemspec /usr/bin/ruby2.3 /usr/bin/gem2deb-test-runner ┌──────────────────────────────────────────────────────────────────────────────┐ │ Checking Rubygems dependency resolution on ruby2.3 │ └──────────────────────────────────────────────────────────────────────────────┘ GEM_PATH=debian/ruby-certificate-authority/usr/share/rubygems-integration/all:/var/lib/gems/2.3.0:/usr/lib/x86_64-linux-gnu/rubygems-integration/2.3.0:/usr/share/rubygems-integration/2.3.0:/usr/share/rubygems-integration/all ruby2.3 -e gem\ \"certificate_authority\" ┌──────────────────────────────────────────────────────────────────────────────┐ │ Run tests for ruby2.3 from debian/ruby-tests.rake │ └──────────────────────────────────────────────────────────────────────────────┘ RUBYLIB=/build/ruby-certificate-authority-GK7S1i/ruby-certificate-authority-0.2.0-434c15cd/debian/ruby-certificate-authority/usr/lib/ruby/vendor_ruby:. GEM_PATH=debian/ruby-certificate-authority/usr/share/rubygems-integration/all:/var/lib/gems/2.3.0:/usr/lib/x86_64-linux-gnu/rubygems-integration/2.3.0:/usr/share/rubygems-integration/2.3.0:/usr/share/rubygems-integration/all ruby2.3 -S rake -f debian/ruby-tests.rake /usr/bin/ruby2.3 /usr/bin/rspec --pattern ./spec/\*\*/\*_spec.rb --format documentation [Coveralls] Set up the SimpleCov formatter. [Coveralls] Using SimpleCov's default settings. CertificateAuthority::CertificateRevocationList should accept a list of certificates should complain if you add a certificate without a revocation time should have a 'parent' that will be responsible for signing should raise an error if you try and sign a CRL without attaching a parent should be able to generate a proper CRL should be able to mix Certificates and SerialNumbers for convenience should have the correct number of entities should have the serial numbers of revoked entities should be valid according to OpenSSL and signer Digests should use SHA512 by default should support alternate digests supported by OpenSSL Next update should be able to set a 'next_update' value should throw an error if we try and sign up with a negative next_update CertificateAuthority::Certificate should have a distinguished name should have a serial number should have a subject should be able to have a parent entity should have key material should have a not_before field should have a not_after field should default to one year validity should be able to have a revoked at time CertificateAuthority::SigningEntity should behave as a signing entity should only be a signing entity if it's identified as a CA should be able to be identified as a root certificate Root certificates should be able to be identified as a root certificate should only be a root certificate if the parent entity is itself should be a root certificate by default should be able to self-sign should have the basicContraint CA:TRUE Intermediate certificates should be able to be identified as an intermediate certificate should not be identified as a root should only be an intermediate certificate if the parent is a different entity should correctly be signed by a parent certificate should have the basicContraint CA:TRUE Terminal certificates should not be identified as an intermediate certificate should not be identified as a root should have the basicContraint CA:FALSE Signed certificates should have a PEM encoded certificate body available X.509 V3 Extensions on Signed Certificates should support BasicConstraints should support subjectKeyIdentifier should support authorityKeyIdentifier should order subjectKeyIdentifier before authorityKeyIdentifier should support keyUsage should support extendedKeyUsage SubjectAltName should have a subjectAltName if specified should NOT have a subjectAltName if one was not specified should replace email:copy with email address AuthorityInfoAccess should have an authority info access if specified CrlDistributionPoints should have a crlDistributionPoint if specified should NOT have a crlDistributionPoint if one was not specified CertificatePolicies should have a certificatePolicy if specified should contain a nested userNotice if specified (PENDING: No reason given) should NOT include a certificatePolicy if not specified Signing profile should be able to sign with an optional policy hash should support a default signing digest of SHA512 should support a configurable digest algorithm from_openssl should reject non-Certificate arguments should only be missing a private key should check to make sure that if a certificate had extensions they were imported CertificateAuthority::DistinguishedName should provide the standard x.509 distinguished name common attributes should provide human-readable equivalents to the distinguished name common attributes should require a common name should be convertible to an OpenSSL::X509::Name from_openssl should reject non Name objects should set the common_name attribute should set the locality attribute should set the state attribute should set the country attribute should set the organization attribute should set the organizational_unit attribute should create an equivalent object CertificateAuthority::WrappedDistinguishedName should mark the DN as having custom OIDs if there's an unknown subject element CertificateAuthority::Extensions CertificateAuthority::Extensions::BasicConstraints should only allow true/false should respond to :path_len should raise an error if :path_len isn't a non-negative integer should generate a proper OpenSSL extension string should parse values from a proper OpenSSL extension string CertificateAuthority::Extensions::SubjectAlternativeName should respond to :uris should require 'uris' to be an Array should generate a proper OpenSSL extension string for URIs should parse URIs from a proper OpenSSL extension string should respond to :dns_names should require 'dns_names' to be an Array should generate a proper OpenSSL extension string for DNS names should parse DNS names from a proper OpenSSL extension string should respond to :ips should require 'ips' to be an Array should generate a proper OpenSSL extension string for IPs should parse IPs from a proper OpenSSL extension string should generate a proper OpenSSL extension string for URIs IPs and DNS names together should parse URIs IPs and DNS names together from a proper OpenSSL extension string emails should require 'emails' to be an Array should generate a proper OpenSSL extension string for emails CertificateAuthority::KeyMaterial CertificateAuthority::MemoryKeyMaterial should know if a key is in memory or hardware should use memory by default CertificateAuthority::SigningRequestKeyMaterial should know if a key is in memory or hardware should use memory by default reading keys from PEM should include a means of reading an RSA keypair should include a means of reading encrypted RSA keypairs should raise an exception if you read an encrypted keypair w/ bad password should include a means of reading a public-only PEM formatted key CertificateAuthority::MemoryKeyMaterial should be able to generate an RSA key should generate a proper OpenSSL::PKey::RSA should be able to specify the size of the modulus to generate should not validate without public and private keys with generated key should be able to retrieve the private key should be able to retrieve the public key CertificateAuthority::SigningRequestKeyMaterial should generate from a CSR should be able to expose a public key should not have a private key should raise when signature does not verify CertificateAuthority::OCSPRequestReader should read in the DER encoded body should read out certificate serial numbers CertificateAuthority::OCSPResponseBuilder should build from a OCSPRequestReader should build a response should verify against the root should have a configurable nextUpdate verification mechanisms should support an everything's OK default (though somewhat useless) should support an overridable verification mechanism callback CertificateAuthority::OCSPHandler should be able to accept an OCSP Request should raise an error if you try and extract certificates without a raw request should return a hash of extracted certificates from OCSP requests should be able to generate an OCSP response should require a 'parent' entity for signing should raise an error if you ask for the signed OCSP response without generating it should raise an error if you generate a response without adding all certificates in request should raise an error if you generate a response without adding a parent signing entity Response should have a correct status/status string should have an embedded BasicResponse with certificate statuses should have a next_update time CertificateAuthority::Pkcs11KeyMaterial should identify as being in hardware should return a Pkey ref if the private key is requested (PENDING: Temporarily skipped with xit) should return a Pkey ref if the public key is requested (PENDING: Temporarily skipped with xit) should accept an ID for on-token objects should accept a path to a shared library for a PKCS11 driver should accept a path to OpenSSL's dynamic PKCS11 engine (provided by libengine-pkcs11-openssl) should accept an optional PIN to authenticate to the token CertificateAuthority::SerialNumber should support basic integer serial numbers should not allow negative serial numbers CertificateAuthority::SigningRequest should generate from a PEM CSR should generate a proper DN from the CSR should expose the underlying OpenSSL CSR should expose the PEM encoded original CSR transforming to a certificate should allow transformation to a certificate should be signable w/ a serial number Netscape SPKAC should process a netscape SPKAC Generating CSRs should generate a CSR should generate a signed CSR should generate a CSR w/ a subjectAlternativeName extension Using OpenSSL Signing CSRs With a server CSR it should behave like a csr operation it should behave like an ossl issuer and its signed cert should issue a certificate verified by the issuer should issue a certificate with a matching issuer subject string should issue a certificate with a matching issuer subject openssl name With a client CSR it should behave like a csr operation it should behave like an ossl issuer and its signed cert should issue a certificate verified by the issuer should issue a certificate with a matching issuer subject string should issue a certificate with a matching issuer subject openssl name Handling externally supplied CAs and certs A custom CA signing a client cert it should behave like comparing a pair of openssl certs using openssl it should behave like an ossl issuer and its signed cert should issue a certificate verified by the issuer should issue a certificate with a matching issuer subject string should issue a certificate with a matching issuer subject openssl name using certificate_authority should match the original ca's distinguished name should match the original openssl ca should match the original cert's distinguished name should match the original openssl cert it should behave like an ossl issuer and its signed cert should issue a certificate verified by the issuer should issue a certificate with a matching issuer subject string should issue a certificate with a matching issuer subject openssl name A custom CA signing a server cert it should behave like comparing a pair of openssl certs using openssl it should behave like an ossl issuer and its signed cert should issue a certificate verified by the issuer should issue a certificate with a matching issuer subject string should issue a certificate with a matching issuer subject openssl name using certificate_authority should match the original ca's distinguished name should match the original openssl ca should match the original cert's distinguished name should match the original openssl cert it should behave like an ossl issuer and its signed cert should issue a certificate verified by the issuer should issue a certificate with a matching issuer subject string should issue a certificate with a matching issuer subject openssl name Github's signer it should behave like comparing a pair of openssl certs using openssl it should behave like an ossl issuer and its signed cert should issue a certificate verified by the issuer should issue a certificate with a matching issuer subject string should issue a certificate with a matching issuer subject openssl name using certificate_authority should match the original ca's distinguished name should match the original openssl ca should match the original cert's distinguished name should match the original openssl cert it should behave like an ossl issuer and its signed cert should issue a certificate verified by the issuer should issue a certificate with a matching issuer subject string should issue a certificate with a matching issuer subject openssl name Apple's WWDR signer it should behave like comparing a pair of openssl certs using openssl it should behave like an ossl issuer and its signed cert should issue a certificate verified by the issuer should issue a certificate with a matching issuer subject string should issue a certificate with a matching issuer subject openssl name using certificate_authority should match the original ca's distinguished name should match the original openssl ca should match the original cert's distinguished name should match the original openssl cert it should behave like an ossl issuer and its signed cert should issue a certificate verified by the issuer should issue a certificate with a matching issuer subject string should issue a certificate with a matching issuer subject openssl name Pending: (Failures listed here are expected and do not affect your suite's status) 1) CertificateAuthority::Certificate X.509 V3 Extensions on Signed Certificates CertificatePolicies should contain a nested userNotice if specified # No reason given Failure/Error: expect(ext.to_a[1]).to include("Testing explicit text!") expected "" to include "Testing explicit text!" # ./spec/units/certificate_spec.rb:282:in `block (5 levels) in ' # ./spec/units/certificate_spec.rb:280:in `each' # ./spec/units/certificate_spec.rb:280:in `block (4 levels) in ' 2) CertificateAuthority::Pkcs11KeyMaterial should return a Pkey ref if the private key is requested # Temporarily skipped with xit # ./spec/units/pkcs11_key_material_spec.rb:17 3) CertificateAuthority::Pkcs11KeyMaterial should return a Pkey ref if the public key is requested # Temporarily skipped with xit # ./spec/units/pkcs11_key_material_spec.rb:21 Finished in 3.2 seconds (files took 0.68839 seconds to load) 196 examples, 0 failures, 3 pending [Coveralls] Outside the CI environment, not sending data. /usr/bin/ruby2.5 /usr/bin/gem2deb-test-runner ┌──────────────────────────────────────────────────────────────────────────────┐ │ Checking Rubygems dependency resolution on ruby2.5 │ └──────────────────────────────────────────────────────────────────────────────┘ GEM_PATH=debian/ruby-certificate-authority/usr/share/rubygems-integration/all:/var/lib/gems/2.5.0:/usr/lib/x86_64-linux-gnu/rubygems-integration/2.5.0:/usr/share/rubygems-integration/2.5.0:/usr/share/rubygems-integration/all ruby2.5 -e gem\ \"certificate_authority\" ┌──────────────────────────────────────────────────────────────────────────────┐ │ Run tests for ruby2.5 from debian/ruby-tests.rake │ └──────────────────────────────────────────────────────────────────────────────┘ RUBYLIB=/build/ruby-certificate-authority-GK7S1i/ruby-certificate-authority-0.2.0-434c15cd/debian/ruby-certificate-authority/usr/lib/ruby/vendor_ruby:. GEM_PATH=debian/ruby-certificate-authority/usr/share/rubygems-integration/all:/var/lib/gems/2.5.0:/usr/lib/x86_64-linux-gnu/rubygems-integration/2.5.0:/usr/share/rubygems-integration/2.5.0:/usr/share/rubygems-integration/all ruby2.5 -S rake -f debian/ruby-tests.rake /usr/bin/ruby2.5 /usr/bin/rspec --pattern ./spec/\*\*/\*_spec.rb --format documentation [Coveralls] Set up the SimpleCov formatter. [Coveralls] Using SimpleCov's default settings. CertificateAuthority::CertificateRevocationList should accept a list of certificates should complain if you add a certificate without a revocation time should have a 'parent' that will be responsible for signing should raise an error if you try and sign a CRL without attaching a parent should be able to generate a proper CRL should be able to mix Certificates and SerialNumbers for convenience should have the correct number of entities should have the serial numbers of revoked entities should be valid according to OpenSSL and signer Digests should use SHA512 by default should support alternate digests supported by OpenSSL Next update should be able to set a 'next_update' value should throw an error if we try and sign up with a negative next_update CertificateAuthority::Certificate should have a distinguished name should have a serial number should have a subject should be able to have a parent entity should have key material should have a not_before field should have a not_after field should default to one year validity should be able to have a revoked at time CertificateAuthority::SigningEntity should behave as a signing entity should only be a signing entity if it's identified as a CA should be able to be identified as a root certificate Root certificates should be able to be identified as a root certificate should only be a root certificate if the parent entity is itself should be a root certificate by default should be able to self-sign should have the basicContraint CA:TRUE Intermediate certificates should be able to be identified as an intermediate certificate should not be identified as a root should only be an intermediate certificate if the parent is a different entity should correctly be signed by a parent certificate should have the basicContraint CA:TRUE Terminal certificates should not be identified as an intermediate certificate should not be identified as a root should have the basicContraint CA:FALSE Signed certificates should have a PEM encoded certificate body available X.509 V3 Extensions on Signed Certificates should support BasicConstraints should support subjectKeyIdentifier should support authorityKeyIdentifier should order subjectKeyIdentifier before authorityKeyIdentifier should support keyUsage should support extendedKeyUsage SubjectAltName should have a subjectAltName if specified should NOT have a subjectAltName if one was not specified should replace email:copy with email address AuthorityInfoAccess should have an authority info access if specified CrlDistributionPoints should have a crlDistributionPoint if specified should NOT have a crlDistributionPoint if one was not specified CertificatePolicies should have a certificatePolicy if specified should contain a nested userNotice if specified (PENDING: No reason given) should NOT include a certificatePolicy if not specified Signing profile should be able to sign with an optional policy hash should support a default signing digest of SHA512 should support a configurable digest algorithm from_openssl should reject non-Certificate arguments should only be missing a private key should check to make sure that if a certificate had extensions they were imported CertificateAuthority::DistinguishedName should provide the standard x.509 distinguished name common attributes should provide human-readable equivalents to the distinguished name common attributes should require a common name should be convertible to an OpenSSL::X509::Name from_openssl should reject non Name objects should set the common_name attribute should set the locality attribute should set the state attribute should set the country attribute should set the organization attribute should set the organizational_unit attribute should create an equivalent object CertificateAuthority::WrappedDistinguishedName should mark the DN as having custom OIDs if there's an unknown subject element CertificateAuthority::Extensions CertificateAuthority::Extensions::BasicConstraints should only allow true/false should respond to :path_len /build/ruby-certificate-authority-GK7S1i/ruby-certificate-authority-0.2.0-434c15cd/lib/certificate_authority/extensions.rb:63: warning: constant ::Fixnum is deprecated should raise an error if :path_len isn't a non-negative integer should generate a proper OpenSSL extension string should parse values from a proper OpenSSL extension string CertificateAuthority::Extensions::SubjectAlternativeName should respond to :uris should require 'uris' to be an Array should generate a proper OpenSSL extension string for URIs should parse URIs from a proper OpenSSL extension string should respond to :dns_names should require 'dns_names' to be an Array should generate a proper OpenSSL extension string for DNS names should parse DNS names from a proper OpenSSL extension string should respond to :ips should require 'ips' to be an Array should generate a proper OpenSSL extension string for IPs should parse IPs from a proper OpenSSL extension string should generate a proper OpenSSL extension string for URIs IPs and DNS names together should parse URIs IPs and DNS names together from a proper OpenSSL extension string emails should require 'emails' to be an Array should generate a proper OpenSSL extension string for emails CertificateAuthority::KeyMaterial CertificateAuthority::MemoryKeyMaterial should know if a key is in memory or hardware should use memory by default CertificateAuthority::SigningRequestKeyMaterial should know if a key is in memory or hardware should use memory by default reading keys from PEM should include a means of reading an RSA keypair should include a means of reading encrypted RSA keypairs should raise an exception if you read an encrypted keypair w/ bad password should include a means of reading a public-only PEM formatted key CertificateAuthority::MemoryKeyMaterial should be able to generate an RSA key should generate a proper OpenSSL::PKey::RSA should be able to specify the size of the modulus to generate should not validate without public and private keys with generated key should be able to retrieve the private key should be able to retrieve the public key CertificateAuthority::SigningRequestKeyMaterial should generate from a CSR should be able to expose a public key should not have a private key should raise when signature does not verify CertificateAuthority::OCSPRequestReader should read in the DER encoded body should read out certificate serial numbers CertificateAuthority::OCSPResponseBuilder should build from a OCSPRequestReader should build a response should verify against the root should have a configurable nextUpdate verification mechanisms should support an everything's OK default (though somewhat useless) should support an overridable verification mechanism callback CertificateAuthority::OCSPHandler should be able to accept an OCSP Request should raise an error if you try and extract certificates without a raw request should return a hash of extracted certificates from OCSP requests should be able to generate an OCSP response should require a 'parent' entity for signing should raise an error if you ask for the signed OCSP response without generating it should raise an error if you generate a response without adding all certificates in request should raise an error if you generate a response without adding a parent signing entity Response should have a correct status/status string should have an embedded BasicResponse with certificate statuses should have a next_update time CertificateAuthority::Pkcs11KeyMaterial should identify as being in hardware should return a Pkey ref if the private key is requested (PENDING: Temporarily skipped with xit) should return a Pkey ref if the public key is requested (PENDING: Temporarily skipped with xit) should accept an ID for on-token objects should accept a path to a shared library for a PKCS11 driver should accept a path to OpenSSL's dynamic PKCS11 engine (provided by libengine-pkcs11-openssl) should accept an optional PIN to authenticate to the token CertificateAuthority::SerialNumber should support basic integer serial numbers should not allow negative serial numbers CertificateAuthority::SigningRequest should generate from a PEM CSR should generate a proper DN from the CSR should expose the underlying OpenSSL CSR should expose the PEM encoded original CSR transforming to a certificate should allow transformation to a certificate should be signable w/ a serial number Netscape SPKAC should process a netscape SPKAC Generating CSRs should generate a CSR should generate a signed CSR should generate a CSR w/ a subjectAlternativeName extension Using OpenSSL Signing CSRs With a server CSR it should behave like a csr operation it should behave like an ossl issuer and its signed cert should issue a certificate verified by the issuer should issue a certificate with a matching issuer subject string should issue a certificate with a matching issuer subject openssl name With a client CSR it should behave like a csr operation it should behave like an ossl issuer and its signed cert should issue a certificate verified by the issuer should issue a certificate with a matching issuer subject string should issue a certificate with a matching issuer subject openssl name Handling externally supplied CAs and certs A custom CA signing a client cert it should behave like comparing a pair of openssl certs using openssl it should behave like an ossl issuer and its signed cert should issue a certificate verified by the issuer should issue a certificate with a matching issuer subject string should issue a certificate with a matching issuer subject openssl name using certificate_authority should match the original ca's distinguished name should match the original openssl ca should match the original cert's distinguished name should match the original openssl cert it should behave like an ossl issuer and its signed cert should issue a certificate verified by the issuer should issue a certificate with a matching issuer subject string should issue a certificate with a matching issuer subject openssl name A custom CA signing a server cert it should behave like comparing a pair of openssl certs using openssl it should behave like an ossl issuer and its signed cert should issue a certificate verified by the issuer should issue a certificate with a matching issuer subject string should issue a certificate with a matching issuer subject openssl name using certificate_authority should match the original ca's distinguished name should match the original openssl ca should match the original cert's distinguished name should match the original openssl cert it should behave like an ossl issuer and its signed cert should issue a certificate verified by the issuer should issue a certificate with a matching issuer subject string should issue a certificate with a matching issuer subject openssl name Github's signer it should behave like comparing a pair of openssl certs using openssl it should behave like an ossl issuer and its signed cert should issue a certificate verified by the issuer should issue a certificate with a matching issuer subject string should issue a certificate with a matching issuer subject openssl name using certificate_authority should match the original ca's distinguished name should match the original openssl ca should match the original cert's distinguished name should match the original openssl cert it should behave like an ossl issuer and its signed cert should issue a certificate verified by the issuer should issue a certificate with a matching issuer subject string should issue a certificate with a matching issuer subject openssl name Apple's WWDR signer it should behave like comparing a pair of openssl certs using openssl it should behave like an ossl issuer and its signed cert should issue a certificate verified by the issuer should issue a certificate with a matching issuer subject string should issue a certificate with a matching issuer subject openssl name using certificate_authority should match the original ca's distinguished name should match the original openssl ca should match the original cert's distinguished name should match the original openssl cert it should behave like an ossl issuer and its signed cert should issue a certificate verified by the issuer should issue a certificate with a matching issuer subject string should issue a certificate with a matching issuer subject openssl name Pending: (Failures listed here are expected and do not affect your suite's status) 1) CertificateAuthority::Certificate X.509 V3 Extensions on Signed Certificates CertificatePolicies should contain a nested userNotice if specified # No reason given Failure/Error: expect(ext.to_a[1]).to include("Testing explicit text!") expected "" to include "Testing explicit text!" # ./spec/units/certificate_spec.rb:282:in `block (5 levels) in ' # ./spec/units/certificate_spec.rb:280:in `each' # ./spec/units/certificate_spec.rb:280:in `block (4 levels) in ' 2) CertificateAuthority::Pkcs11KeyMaterial should return a Pkey ref if the private key is requested # Temporarily skipped with xit # ./spec/units/pkcs11_key_material_spec.rb:17 3) CertificateAuthority::Pkcs11KeyMaterial should return a Pkey ref if the public key is requested # Temporarily skipped with xit # ./spec/units/pkcs11_key_material_spec.rb:21 Finished in 3.21 seconds (files took 0.78498 seconds to load) 196 examples, 0 failures, 3 pending [Coveralls] Outside the CI environment, not sending data. ┌──────────────────────────────────────────────────────────────────────────────┐ │ dh_ruby --install finished │ └──────────────────────────────────────────────────────────────────────────────┘ debian/rules override_dh_install make[1]: Entering directory '/build/ruby-certificate-authority-GK7S1i/ruby-certificate-authority-0.2.0-434c15cd' dh_install set -e && rm -rf /build/ruby-certificate-authority-GK7S1i/ruby-certificate-authority-0.2.0-434c15cd/debian/ruby-certificate-authority/usr/lib/ruby/vendor_ruby/tasks make[1]: Leaving directory '/build/ruby-certificate-authority-GK7S1i/ruby-certificate-authority-0.2.0-434c15cd' dh_installdocs -i -O--buildsystem=ruby dh_ruby_fixdocs -i -O--buildsystem=ruby dh_installchangelogs -i -O--buildsystem=ruby dh_perl -i -O--buildsystem=ruby dh_link -i -O--buildsystem=ruby dh_strip_nondeterminism -i -O--buildsystem=ruby dh_compress -X.rb -i -O--buildsystem=ruby dh_fixperms -i -O--buildsystem=ruby dh_missing -i -O--buildsystem=ruby dh_installdeb -i -O--buildsystem=ruby dh_gencontrol -i -O--buildsystem=ruby dpkg-gencontrol: warning: Depends field of package ruby-certificate-authority: unknown substitution variable ${shlibs:Depends} dh_md5sums -i -O--buildsystem=ruby dh_builddeb -i -O--buildsystem=ruby dpkg-deb: building package 'ruby-certificate-authority' in '../ruby-certificate-authority_0.2.0~434c15cd-1_all.deb'. dpkg-genbuildinfo --build=all dpkg-genchanges --build=all >../ruby-certificate-authority_0.2.0~434c15cd-1_all.changes dpkg-genchanges: info: binary-only arch-indep upload (source code and arch-specific packages not included) dpkg-source --after-build ruby-certificate-authority-0.2.0-434c15cd dpkg-buildpackage: info: binary-only upload (no source included) I: running special hook: sync-out /build/ruby-certificate-authority-GK7S1i /tmp/ruby-certificate-authority-0.2.0~434c15cd-1bo_w6fj6 I: cleaning package lists and apt cache... I: creating tarball... I: done I: removing tempdir /tmp/mmdebstrap.FH1h3G7iuW... I: success in 251.4908 seconds md5: ruby-certificate-authority_0.2.0~434c15cd-1_all.deb: OK sha1: ruby-certificate-authority_0.2.0~434c15cd-1_all.deb: OK sha256: ruby-certificate-authority_0.2.0~434c15cd-1_all.deb: OK Checksums: OK