]>
Commit | Line | Data |
---|---|---|
63936115 EK |
1 | # Generated with generate_ssl_tests.pl |
2 | ||
3 | num_tests = 20 | |
4 | ||
5 | test-0 = 0-server-auth-flex | |
6 | test-1 = 1-client-auth-flex-request | |
7 | test-2 = 2-client-auth-flex-require-fail | |
8 | test-3 = 3-client-auth-flex-require | |
9 | test-4 = 4-client-auth-flex-noroot | |
10 | test-5 = 5-server-auth-TLSv1 | |
11 | test-6 = 6-client-auth-TLSv1-request | |
12 | test-7 = 7-client-auth-TLSv1-require-fail | |
13 | test-8 = 8-client-auth-TLSv1-require | |
14 | test-9 = 9-client-auth-TLSv1-noroot | |
15 | test-10 = 10-server-auth-TLSv1.1 | |
16 | test-11 = 11-client-auth-TLSv1.1-request | |
17 | test-12 = 12-client-auth-TLSv1.1-require-fail | |
18 | test-13 = 13-client-auth-TLSv1.1-require | |
19 | test-14 = 14-client-auth-TLSv1.1-noroot | |
20 | test-15 = 15-server-auth-TLSv1.2 | |
21 | test-16 = 16-client-auth-TLSv1.2-request | |
22 | test-17 = 17-client-auth-TLSv1.2-require-fail | |
23 | test-18 = 18-client-auth-TLSv1.2-require | |
24 | test-19 = 19-client-auth-TLSv1.2-noroot | |
25 | # =========================================================== | |
26 | ||
27 | [0-server-auth-flex] | |
28 | ssl_conf = 0-server-auth-flex-ssl | |
29 | ||
30 | [0-server-auth-flex-ssl] | |
31 | server = 0-server-auth-flex-server | |
32 | client = 0-server-auth-flex-client | |
33 | ||
34 | [0-server-auth-flex-server] | |
35 | Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem | |
36 | CipherString = DEFAULT | |
37 | PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem | |
38 | ||
63936115 EK |
39 | [0-server-auth-flex-client] |
40 | CipherString = DEFAULT | |
41 | VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem | |
42 | VerifyMode = Peer | |
43 | ||
63936115 EK |
44 | [test-0] |
45 | ExpectedResult = Success | |
46 | ||
47 | ||
48 | # =========================================================== | |
49 | ||
50 | [1-client-auth-flex-request] | |
51 | ssl_conf = 1-client-auth-flex-request-ssl | |
52 | ||
53 | [1-client-auth-flex-request-ssl] | |
54 | server = 1-client-auth-flex-request-server | |
55 | client = 1-client-auth-flex-request-client | |
56 | ||
57 | [1-client-auth-flex-request-server] | |
58 | Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem | |
59 | CipherString = DEFAULT | |
60 | PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem | |
61 | VerifyMode = Request | |
62 | ||
63936115 EK |
63 | [1-client-auth-flex-request-client] |
64 | CipherString = DEFAULT | |
65 | VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem | |
66 | VerifyMode = Peer | |
67 | ||
63936115 EK |
68 | [test-1] |
69 | ExpectedResult = Success | |
70 | ||
71 | ||
72 | # =========================================================== | |
73 | ||
74 | [2-client-auth-flex-require-fail] | |
75 | ssl_conf = 2-client-auth-flex-require-fail-ssl | |
76 | ||
77 | [2-client-auth-flex-require-fail-ssl] | |
78 | server = 2-client-auth-flex-require-fail-server | |
79 | client = 2-client-auth-flex-require-fail-client | |
80 | ||
81 | [2-client-auth-flex-require-fail-server] | |
82 | Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem | |
83 | CipherString = DEFAULT | |
84 | PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem | |
85 | VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem | |
86 | VerifyMode = Require | |
87 | ||
63936115 EK |
88 | [2-client-auth-flex-require-fail-client] |
89 | CipherString = DEFAULT | |
90 | VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem | |
91 | VerifyMode = Peer | |
92 | ||
63936115 EK |
93 | [test-2] |
94 | ExpectedResult = ServerFail | |
9f48bbac | 95 | ExpectedServerAlert = HandshakeFailure |
63936115 EK |
96 | |
97 | ||
98 | # =========================================================== | |
99 | ||
100 | [3-client-auth-flex-require] | |
101 | ssl_conf = 3-client-auth-flex-require-ssl | |
102 | ||
103 | [3-client-auth-flex-require-ssl] | |
104 | server = 3-client-auth-flex-require-server | |
105 | client = 3-client-auth-flex-require-client | |
106 | ||
107 | [3-client-auth-flex-require-server] | |
108 | Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem | |
109 | CipherString = DEFAULT | |
110 | PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem | |
111 | VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem | |
112 | VerifyMode = Request | |
113 | ||
63936115 EK |
114 | [3-client-auth-flex-require-client] |
115 | Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem | |
116 | CipherString = DEFAULT | |
117 | PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem | |
118 | VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem | |
119 | VerifyMode = Peer | |
120 | ||
63936115 | 121 | [test-3] |
a470f023 | 122 | ExpectedClientCertType = RSA |
63936115 EK |
123 | ExpectedResult = Success |
124 | ||
125 | ||
126 | # =========================================================== | |
127 | ||
128 | [4-client-auth-flex-noroot] | |
129 | ssl_conf = 4-client-auth-flex-noroot-ssl | |
130 | ||
131 | [4-client-auth-flex-noroot-ssl] | |
132 | server = 4-client-auth-flex-noroot-server | |
133 | client = 4-client-auth-flex-noroot-client | |
134 | ||
135 | [4-client-auth-flex-noroot-server] | |
136 | Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem | |
137 | CipherString = DEFAULT | |
138 | PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem | |
139 | VerifyMode = Require | |
140 | ||
63936115 EK |
141 | [4-client-auth-flex-noroot-client] |
142 | Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem | |
143 | CipherString = DEFAULT | |
144 | PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem | |
145 | VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem | |
146 | VerifyMode = Peer | |
147 | ||
63936115 EK |
148 | [test-4] |
149 | ExpectedResult = ServerFail | |
9f48bbac | 150 | ExpectedServerAlert = UnknownCA |
63936115 EK |
151 | |
152 | ||
153 | # =========================================================== | |
154 | ||
155 | [5-server-auth-TLSv1] | |
156 | ssl_conf = 5-server-auth-TLSv1-ssl | |
157 | ||
158 | [5-server-auth-TLSv1-ssl] | |
159 | server = 5-server-auth-TLSv1-server | |
160 | client = 5-server-auth-TLSv1-client | |
161 | ||
162 | [5-server-auth-TLSv1-server] | |
163 | Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem | |
164 | CipherString = DEFAULT | |
78cbe94f MC |
165 | MaxProtocol = TLSv1 |
166 | MinProtocol = TLSv1 | |
63936115 | 167 | PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem |
63936115 | 168 | |
63936115 EK |
169 | [5-server-auth-TLSv1-client] |
170 | CipherString = DEFAULT | |
78cbe94f MC |
171 | MaxProtocol = TLSv1 |
172 | MinProtocol = TLSv1 | |
63936115 EK |
173 | VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem |
174 | VerifyMode = Peer | |
175 | ||
63936115 EK |
176 | [test-5] |
177 | ExpectedResult = Success | |
178 | ||
179 | ||
180 | # =========================================================== | |
181 | ||
182 | [6-client-auth-TLSv1-request] | |
183 | ssl_conf = 6-client-auth-TLSv1-request-ssl | |
184 | ||
185 | [6-client-auth-TLSv1-request-ssl] | |
186 | server = 6-client-auth-TLSv1-request-server | |
187 | client = 6-client-auth-TLSv1-request-client | |
188 | ||
189 | [6-client-auth-TLSv1-request-server] | |
190 | Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem | |
191 | CipherString = DEFAULT | |
78cbe94f MC |
192 | MaxProtocol = TLSv1 |
193 | MinProtocol = TLSv1 | |
63936115 | 194 | PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem |
63936115 EK |
195 | VerifyMode = Request |
196 | ||
63936115 EK |
197 | [6-client-auth-TLSv1-request-client] |
198 | CipherString = DEFAULT | |
78cbe94f MC |
199 | MaxProtocol = TLSv1 |
200 | MinProtocol = TLSv1 | |
63936115 EK |
201 | VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem |
202 | VerifyMode = Peer | |
203 | ||
63936115 EK |
204 | [test-6] |
205 | ExpectedResult = Success | |
206 | ||
207 | ||
208 | # =========================================================== | |
209 | ||
210 | [7-client-auth-TLSv1-require-fail] | |
211 | ssl_conf = 7-client-auth-TLSv1-require-fail-ssl | |
212 | ||
213 | [7-client-auth-TLSv1-require-fail-ssl] | |
214 | server = 7-client-auth-TLSv1-require-fail-server | |
215 | client = 7-client-auth-TLSv1-require-fail-client | |
216 | ||
217 | [7-client-auth-TLSv1-require-fail-server] | |
218 | Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem | |
219 | CipherString = DEFAULT | |
78cbe94f MC |
220 | MaxProtocol = TLSv1 |
221 | MinProtocol = TLSv1 | |
63936115 | 222 | PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem |
63936115 EK |
223 | VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem |
224 | VerifyMode = Require | |
225 | ||
63936115 EK |
226 | [7-client-auth-TLSv1-require-fail-client] |
227 | CipherString = DEFAULT | |
78cbe94f MC |
228 | MaxProtocol = TLSv1 |
229 | MinProtocol = TLSv1 | |
63936115 EK |
230 | VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem |
231 | VerifyMode = Peer | |
232 | ||
63936115 EK |
233 | [test-7] |
234 | ExpectedResult = ServerFail | |
9f48bbac | 235 | ExpectedServerAlert = HandshakeFailure |
63936115 EK |
236 | |
237 | ||
238 | # =========================================================== | |
239 | ||
240 | [8-client-auth-TLSv1-require] | |
241 | ssl_conf = 8-client-auth-TLSv1-require-ssl | |
242 | ||
243 | [8-client-auth-TLSv1-require-ssl] | |
244 | server = 8-client-auth-TLSv1-require-server | |
245 | client = 8-client-auth-TLSv1-require-client | |
246 | ||
247 | [8-client-auth-TLSv1-require-server] | |
248 | Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem | |
249 | CipherString = DEFAULT | |
78cbe94f MC |
250 | MaxProtocol = TLSv1 |
251 | MinProtocol = TLSv1 | |
63936115 | 252 | PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem |
63936115 EK |
253 | VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem |
254 | VerifyMode = Request | |
255 | ||
63936115 EK |
256 | [8-client-auth-TLSv1-require-client] |
257 | Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem | |
258 | CipherString = DEFAULT | |
78cbe94f MC |
259 | MaxProtocol = TLSv1 |
260 | MinProtocol = TLSv1 | |
63936115 | 261 | PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem |
63936115 EK |
262 | VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem |
263 | VerifyMode = Peer | |
264 | ||
63936115 | 265 | [test-8] |
a470f023 | 266 | ExpectedClientCertType = RSA |
63936115 EK |
267 | ExpectedResult = Success |
268 | ||
269 | ||
270 | # =========================================================== | |
271 | ||
272 | [9-client-auth-TLSv1-noroot] | |
273 | ssl_conf = 9-client-auth-TLSv1-noroot-ssl | |
274 | ||
275 | [9-client-auth-TLSv1-noroot-ssl] | |
276 | server = 9-client-auth-TLSv1-noroot-server | |
277 | client = 9-client-auth-TLSv1-noroot-client | |
278 | ||
279 | [9-client-auth-TLSv1-noroot-server] | |
280 | Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem | |
281 | CipherString = DEFAULT | |
78cbe94f MC |
282 | MaxProtocol = TLSv1 |
283 | MinProtocol = TLSv1 | |
63936115 | 284 | PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem |
63936115 EK |
285 | VerifyMode = Require |
286 | ||
63936115 EK |
287 | [9-client-auth-TLSv1-noroot-client] |
288 | Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem | |
289 | CipherString = DEFAULT | |
78cbe94f MC |
290 | MaxProtocol = TLSv1 |
291 | MinProtocol = TLSv1 | |
63936115 | 292 | PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem |
63936115 EK |
293 | VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem |
294 | VerifyMode = Peer | |
295 | ||
63936115 EK |
296 | [test-9] |
297 | ExpectedResult = ServerFail | |
9f48bbac | 298 | ExpectedServerAlert = UnknownCA |
63936115 EK |
299 | |
300 | ||
301 | # =========================================================== | |
302 | ||
303 | [10-server-auth-TLSv1.1] | |
304 | ssl_conf = 10-server-auth-TLSv1.1-ssl | |
305 | ||
306 | [10-server-auth-TLSv1.1-ssl] | |
307 | server = 10-server-auth-TLSv1.1-server | |
308 | client = 10-server-auth-TLSv1.1-client | |
309 | ||
310 | [10-server-auth-TLSv1.1-server] | |
311 | Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem | |
312 | CipherString = DEFAULT | |
78cbe94f MC |
313 | MaxProtocol = TLSv1.1 |
314 | MinProtocol = TLSv1.1 | |
63936115 | 315 | PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem |
63936115 | 316 | |
63936115 EK |
317 | [10-server-auth-TLSv1.1-client] |
318 | CipherString = DEFAULT | |
78cbe94f MC |
319 | MaxProtocol = TLSv1.1 |
320 | MinProtocol = TLSv1.1 | |
63936115 EK |
321 | VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem |
322 | VerifyMode = Peer | |
323 | ||
63936115 EK |
324 | [test-10] |
325 | ExpectedResult = Success | |
326 | ||
327 | ||
328 | # =========================================================== | |
329 | ||
330 | [11-client-auth-TLSv1.1-request] | |
331 | ssl_conf = 11-client-auth-TLSv1.1-request-ssl | |
332 | ||
333 | [11-client-auth-TLSv1.1-request-ssl] | |
334 | server = 11-client-auth-TLSv1.1-request-server | |
335 | client = 11-client-auth-TLSv1.1-request-client | |
336 | ||
337 | [11-client-auth-TLSv1.1-request-server] | |
338 | Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem | |
339 | CipherString = DEFAULT | |
78cbe94f MC |
340 | MaxProtocol = TLSv1.1 |
341 | MinProtocol = TLSv1.1 | |
63936115 | 342 | PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem |
63936115 EK |
343 | VerifyMode = Request |
344 | ||
63936115 EK |
345 | [11-client-auth-TLSv1.1-request-client] |
346 | CipherString = DEFAULT | |
78cbe94f MC |
347 | MaxProtocol = TLSv1.1 |
348 | MinProtocol = TLSv1.1 | |
63936115 EK |
349 | VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem |
350 | VerifyMode = Peer | |
351 | ||
63936115 EK |
352 | [test-11] |
353 | ExpectedResult = Success | |
354 | ||
355 | ||
356 | # =========================================================== | |
357 | ||
358 | [12-client-auth-TLSv1.1-require-fail] | |
359 | ssl_conf = 12-client-auth-TLSv1.1-require-fail-ssl | |
360 | ||
361 | [12-client-auth-TLSv1.1-require-fail-ssl] | |
362 | server = 12-client-auth-TLSv1.1-require-fail-server | |
363 | client = 12-client-auth-TLSv1.1-require-fail-client | |
364 | ||
365 | [12-client-auth-TLSv1.1-require-fail-server] | |
366 | Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem | |
367 | CipherString = DEFAULT | |
78cbe94f MC |
368 | MaxProtocol = TLSv1.1 |
369 | MinProtocol = TLSv1.1 | |
63936115 | 370 | PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem |
63936115 EK |
371 | VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem |
372 | VerifyMode = Require | |
373 | ||
63936115 EK |
374 | [12-client-auth-TLSv1.1-require-fail-client] |
375 | CipherString = DEFAULT | |
78cbe94f MC |
376 | MaxProtocol = TLSv1.1 |
377 | MinProtocol = TLSv1.1 | |
63936115 EK |
378 | VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem |
379 | VerifyMode = Peer | |
380 | ||
63936115 EK |
381 | [test-12] |
382 | ExpectedResult = ServerFail | |
9f48bbac | 383 | ExpectedServerAlert = HandshakeFailure |
63936115 EK |
384 | |
385 | ||
386 | # =========================================================== | |
387 | ||
388 | [13-client-auth-TLSv1.1-require] | |
389 | ssl_conf = 13-client-auth-TLSv1.1-require-ssl | |
390 | ||
391 | [13-client-auth-TLSv1.1-require-ssl] | |
392 | server = 13-client-auth-TLSv1.1-require-server | |
393 | client = 13-client-auth-TLSv1.1-require-client | |
394 | ||
395 | [13-client-auth-TLSv1.1-require-server] | |
396 | Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem | |
397 | CipherString = DEFAULT | |
78cbe94f MC |
398 | MaxProtocol = TLSv1.1 |
399 | MinProtocol = TLSv1.1 | |
63936115 | 400 | PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem |
63936115 EK |
401 | VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem |
402 | VerifyMode = Request | |
403 | ||
63936115 EK |
404 | [13-client-auth-TLSv1.1-require-client] |
405 | Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem | |
406 | CipherString = DEFAULT | |
78cbe94f MC |
407 | MaxProtocol = TLSv1.1 |
408 | MinProtocol = TLSv1.1 | |
63936115 | 409 | PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem |
63936115 EK |
410 | VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem |
411 | VerifyMode = Peer | |
412 | ||
63936115 | 413 | [test-13] |
a470f023 | 414 | ExpectedClientCertType = RSA |
63936115 EK |
415 | ExpectedResult = Success |
416 | ||
417 | ||
418 | # =========================================================== | |
419 | ||
420 | [14-client-auth-TLSv1.1-noroot] | |
421 | ssl_conf = 14-client-auth-TLSv1.1-noroot-ssl | |
422 | ||
423 | [14-client-auth-TLSv1.1-noroot-ssl] | |
424 | server = 14-client-auth-TLSv1.1-noroot-server | |
425 | client = 14-client-auth-TLSv1.1-noroot-client | |
426 | ||
427 | [14-client-auth-TLSv1.1-noroot-server] | |
428 | Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem | |
429 | CipherString = DEFAULT | |
78cbe94f MC |
430 | MaxProtocol = TLSv1.1 |
431 | MinProtocol = TLSv1.1 | |
63936115 | 432 | PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem |
63936115 EK |
433 | VerifyMode = Require |
434 | ||
63936115 EK |
435 | [14-client-auth-TLSv1.1-noroot-client] |
436 | Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem | |
437 | CipherString = DEFAULT | |
78cbe94f MC |
438 | MaxProtocol = TLSv1.1 |
439 | MinProtocol = TLSv1.1 | |
63936115 | 440 | PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem |
63936115 EK |
441 | VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem |
442 | VerifyMode = Peer | |
443 | ||
63936115 EK |
444 | [test-14] |
445 | ExpectedResult = ServerFail | |
9f48bbac | 446 | ExpectedServerAlert = UnknownCA |
63936115 EK |
447 | |
448 | ||
449 | # =========================================================== | |
450 | ||
451 | [15-server-auth-TLSv1.2] | |
452 | ssl_conf = 15-server-auth-TLSv1.2-ssl | |
453 | ||
454 | [15-server-auth-TLSv1.2-ssl] | |
455 | server = 15-server-auth-TLSv1.2-server | |
456 | client = 15-server-auth-TLSv1.2-client | |
457 | ||
458 | [15-server-auth-TLSv1.2-server] | |
459 | Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem | |
460 | CipherString = DEFAULT | |
78cbe94f MC |
461 | MaxProtocol = TLSv1.2 |
462 | MinProtocol = TLSv1.2 | |
63936115 | 463 | PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem |
63936115 | 464 | |
63936115 EK |
465 | [15-server-auth-TLSv1.2-client] |
466 | CipherString = DEFAULT | |
78cbe94f MC |
467 | MaxProtocol = TLSv1.2 |
468 | MinProtocol = TLSv1.2 | |
63936115 EK |
469 | VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem |
470 | VerifyMode = Peer | |
471 | ||
63936115 EK |
472 | [test-15] |
473 | ExpectedResult = Success | |
474 | ||
475 | ||
476 | # =========================================================== | |
477 | ||
478 | [16-client-auth-TLSv1.2-request] | |
479 | ssl_conf = 16-client-auth-TLSv1.2-request-ssl | |
480 | ||
481 | [16-client-auth-TLSv1.2-request-ssl] | |
482 | server = 16-client-auth-TLSv1.2-request-server | |
483 | client = 16-client-auth-TLSv1.2-request-client | |
484 | ||
485 | [16-client-auth-TLSv1.2-request-server] | |
486 | Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem | |
487 | CipherString = DEFAULT | |
78cbe94f MC |
488 | MaxProtocol = TLSv1.2 |
489 | MinProtocol = TLSv1.2 | |
63936115 | 490 | PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem |
63936115 EK |
491 | VerifyMode = Request |
492 | ||
63936115 EK |
493 | [16-client-auth-TLSv1.2-request-client] |
494 | CipherString = DEFAULT | |
78cbe94f MC |
495 | MaxProtocol = TLSv1.2 |
496 | MinProtocol = TLSv1.2 | |
63936115 EK |
497 | VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem |
498 | VerifyMode = Peer | |
499 | ||
63936115 EK |
500 | [test-16] |
501 | ExpectedResult = Success | |
502 | ||
503 | ||
504 | # =========================================================== | |
505 | ||
506 | [17-client-auth-TLSv1.2-require-fail] | |
507 | ssl_conf = 17-client-auth-TLSv1.2-require-fail-ssl | |
508 | ||
509 | [17-client-auth-TLSv1.2-require-fail-ssl] | |
510 | server = 17-client-auth-TLSv1.2-require-fail-server | |
511 | client = 17-client-auth-TLSv1.2-require-fail-client | |
512 | ||
513 | [17-client-auth-TLSv1.2-require-fail-server] | |
514 | Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem | |
515 | CipherString = DEFAULT | |
78cbe94f MC |
516 | MaxProtocol = TLSv1.2 |
517 | MinProtocol = TLSv1.2 | |
63936115 | 518 | PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem |
63936115 EK |
519 | VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem |
520 | VerifyMode = Require | |
521 | ||
63936115 EK |
522 | [17-client-auth-TLSv1.2-require-fail-client] |
523 | CipherString = DEFAULT | |
78cbe94f MC |
524 | MaxProtocol = TLSv1.2 |
525 | MinProtocol = TLSv1.2 | |
63936115 EK |
526 | VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem |
527 | VerifyMode = Peer | |
528 | ||
63936115 EK |
529 | [test-17] |
530 | ExpectedResult = ServerFail | |
9f48bbac | 531 | ExpectedServerAlert = HandshakeFailure |
63936115 EK |
532 | |
533 | ||
534 | # =========================================================== | |
535 | ||
536 | [18-client-auth-TLSv1.2-require] | |
537 | ssl_conf = 18-client-auth-TLSv1.2-require-ssl | |
538 | ||
539 | [18-client-auth-TLSv1.2-require-ssl] | |
540 | server = 18-client-auth-TLSv1.2-require-server | |
541 | client = 18-client-auth-TLSv1.2-require-client | |
542 | ||
543 | [18-client-auth-TLSv1.2-require-server] | |
544 | Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem | |
545 | CipherString = DEFAULT | |
062540cb | 546 | ClientSignatureAlgorithms = SHA256+RSA |
78cbe94f MC |
547 | MaxProtocol = TLSv1.2 |
548 | MinProtocol = TLSv1.2 | |
63936115 | 549 | PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem |
63936115 EK |
550 | VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem |
551 | VerifyMode = Request | |
552 | ||
63936115 EK |
553 | [18-client-auth-TLSv1.2-require-client] |
554 | Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem | |
555 | CipherString = DEFAULT | |
78cbe94f MC |
556 | MaxProtocol = TLSv1.2 |
557 | MinProtocol = TLSv1.2 | |
63936115 | 558 | PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem |
63936115 EK |
559 | VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem |
560 | VerifyMode = Peer | |
561 | ||
63936115 | 562 | [test-18] |
a470f023 | 563 | ExpectedClientCertType = RSA |
062540cb | 564 | ExpectedClientSignHash = SHA256 |
63936115 EK |
565 | ExpectedResult = Success |
566 | ||
567 | ||
568 | # =========================================================== | |
569 | ||
570 | [19-client-auth-TLSv1.2-noroot] | |
571 | ssl_conf = 19-client-auth-TLSv1.2-noroot-ssl | |
572 | ||
573 | [19-client-auth-TLSv1.2-noroot-ssl] | |
574 | server = 19-client-auth-TLSv1.2-noroot-server | |
575 | client = 19-client-auth-TLSv1.2-noroot-client | |
576 | ||
577 | [19-client-auth-TLSv1.2-noroot-server] | |
578 | Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem | |
579 | CipherString = DEFAULT | |
78cbe94f MC |
580 | MaxProtocol = TLSv1.2 |
581 | MinProtocol = TLSv1.2 | |
63936115 | 582 | PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem |
63936115 EK |
583 | VerifyMode = Require |
584 | ||
63936115 EK |
585 | [19-client-auth-TLSv1.2-noroot-client] |
586 | Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem | |
587 | CipherString = DEFAULT | |
78cbe94f MC |
588 | MaxProtocol = TLSv1.2 |
589 | MinProtocol = TLSv1.2 | |
63936115 | 590 | PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem |
63936115 EK |
591 | VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem |
592 | VerifyMode = Peer | |
593 | ||
63936115 EK |
594 | [test-19] |
595 | ExpectedResult = ServerFail | |
9f48bbac | 596 | ExpectedServerAlert = UnknownCA |
63936115 EK |
597 | |
598 |