Update expired certificates used in the testsuite

Backport patches from upstream that replace the expired certificates
with newer ones.

(cherry picked from RHEL 8 openssl commit bcada907b752790fee9d918323db086141e2a05a)

Resolves: RHEL-5297

compat-openssl11.spec

@@ -22,7 +22,7 @@
 Summary: Utilities from the general purpose cryptography library with TLS implementation
 Name: compat-openssl11
 Version: 1.1.1k
-Release: 4%{?dist}
+Release: 5%{?dist}
 Epoch: 1
 # We have to remove certain patented algorithms from the openssl source
 # tarball with the hobble-openssl script which is included below.
@@ -76,6 +76,7 @@ Patch53: openssl-1.1.1-fips-crng-test.patch
 Patch55: openssl-1.1.1-arm-update.patch
 Patch56: openssl-1.1.1-s390x-ecc.patch
 Patch73: openssl-1.1.1-cve-2022-0778.patch
+Patch83: openssl-1.1.1-replace-expired-certs.patch
 
 License: OpenSSL and ASL 2.0
 URL: http://www.openssl.org/
@@ -145,6 +146,7 @@ cp %{SOURCE13} test/
 %patch71 -p1 -b .conf-new
 %patch72 -p1 -b .disable-fips
 %patch73 -p1 -b .cve-2022-0778
+%patch -P 83 -p1 -b .replace-expired-certs
 
 cp apps/openssl.cnf apps/openssl11.cnf
 
@@ -313,6 +315,10 @@ install -m 644 apps/openssl11.cnf $RPM_BUILD_ROOT%{_sysconfdir}/pki/tls/openssl1
 %ldconfig_scriptlets
 
 %changelog
+* Thu Sep 21 2023 Clemens Lang <cllang@redhat.com> - 1:1.1.1k-5
+- Update expired certificates used in the testsuite
+  Resolves: RHEL-5297
+
 * Mon May 30 2022 Clemens Lang <cllang@redhat.com> - 1:1.1.1k-4
 - Fixes CVE-2022-0778 openssl: Infinite loop in BN_mod_sqrt() reachable when parsing certificates
   Resolves: rhbz#2063148