Support OCSP Stapling under GnuTLS. Bug 1459
[exim.git] / test / scripts / 5650-OCSP-GnuTLS / 5650
CommitLineData
2b4a568d
JH
1# OCSP stapling, server
2#
3#
4#
5# 1: Server sends good staple on request
6exim -bd -oX PORT_D -DSERVER=server \
7 -DOCSP=DIR/aux-fixed/exim-ca/example.com/server1.example.com/server1.example.com.ocsp.good.resp
8****
9client-gnutls \
10 -ocsp aux-fixed/exim-ca/example.com/server1.example.com/ca_chain.pem \
11 HOSTIPV4 PORT_D aux-fixed/cert2 aux-fixed/cert2
12??? 220
13ehlo rhu.barb
14??? 250-
15??? 250-
16??? 250-
17??? 250-
18??? 250-
19??? 250
20starttls
21??? 220
22mail from:<userx@test.ex>
23??? 250
24rcpt to:<userx@test.ex>
25??? 250
26quit
27??? 221
28****
29killdaemon
30#
31#
32#
33# 2: Server does not staple an outdated response
34exim -bd -oX PORT_D -DSERVER=server \
35 -DOCSP=DIR/aux-fixed/exim-ca/example.com/server1.example.com/server1.example.com.ocsp.dated.resp
36****
37# XXX test sequence might not be quite right; this is for a server refusal
38# and we're expecting a client refusal.
39client-gnutls -ocsp aux-fixed/exim-ca/expired1.example.com/CA.pem HOSTIPV4 PORT_D aux-fixed/cert2 aux-fixed/cert2
40??? 220
41ehlo rhu.barb
42??? 250-
43??? 250-
44??? 250-
45??? 250-
46??? 250-
47??? 250
48starttls
49??? 220
50****
51killdaemon
52#
53#
54#
55#
56#
57# 3: Server does not staple a response for a revoked cert
58exim -bd -oX PORT_D -DSERVER=server \
59 -DOCSP=DIR/aux-fixed/exim-ca/example.com/server1.example.com/server1.example.com.ocsp.revoked.resp
60****
61client-gnutls \
62 -ocsp aux-fixed/exim-ca/example.com/server1.example.com/ca_chain.pem \
63 HOSTIPV4 PORT_D aux-fixed/cert2 aux-fixed/cert2
64??? 220
65ehlo rhu.barb
66??? 250-
67??? 250-
68??? 250-
69??? 250-
70??? 250-
71??? 250
72starttls
73??? 220
74****
75killdaemon
76#
77#
78#
79#
80#