Commit | Line | Data |
---|---|---|
e326959e JH |
1 | # OCSP stapling, server, multiple chain-element OCSP |
2 | # | |
3 | # | |
4 | # | |
5 | mkdir -p DIR/tmp/ocsp | |
6 | sudo chown -R EXIMUSER:EXIMGROUP tmp | |
7 | sudo chmod -R a+rwx DIR/tmp/ocsp | |
8 | perl | |
9 | chdir 'aux-fixed/exim-ca/example.com'; | |
10 | system 'cat server1.example.com/server1.example.com.ocsp.signernocert.good.resp.pem CA/Signer.ocsp.signernocert.good.resp.pem CA/CA.ocsp.signernocert.good.resp.pem > DIR/tmp/ocsp/triple.ocsp.pem'; | |
11 | system 'cat server1.example.com/server1.example.com.ocsp.signernocert.good.resp.pem CA/Signer.ocsp.signernocert.revoked.resp.pem > DIR/tmp/ocsp/double_r.ocsp.pem'; | |
12 | **** | |
13 | # | |
14 | # | |
15 | exim -z '1: TLS1.2 Server sends good leaf-staple on request, to client requiring RSA auth' | |
16 | **** | |
17 | # | |
18 | exim -bd -oX PORT_D -DSERVER=server -DLIMIT=TLS1.2 | |
19 | **** | |
20 | # | |
21 | exim -odf -DOPT=rsa -DLIMIT=TLS1.2 rsa.auth@test.ex | |
22 | Subject: test | |
23 | ||
24 | . | |
25 | **** | |
26 | killdaemon | |
27 | # | |
28 | # | |
29 | exim -z '2: TLS1.3 Server sends good 3-element staple on request, to client requiring RSA auth' | |
30 | **** | |
31 | # | |
32 | exim -bd -oX PORT_D -DSERVER=server -DLIMIT=TLS1.3 | |
33 | **** | |
34 | exim -odf -DOPT=rsa rsa.auth@test.ex | |
35 | Subject: test | |
36 | ||
37 | . | |
38 | **** | |
39 | killdaemon | |
40 | # | |
41 | # | |
42 | # | |
43 | exim -z '3: TLS1.3 Server sends bad nonleaf staple, client detects it' | |
44 | **** | |
45 | # | |
46 | EXIM_TESTHARNESS_DISABLE_OCSPVALIDITYCHECK=y exim -bd -oX PORT_D -DSERVER=server -DLIMIT=TLS1.3 -DCONTROL=bad | |
47 | **** | |
48 | exim -odf -DOPT=rsa rsa.auth@test.ex | |
49 | Subject: test | |
50 | ||
51 | . | |
52 | **** | |
53 | killdaemon | |
54 | # | |
55 | # | |
56 | # | |
57 | # | |
58 | sudo rm -fr tmp/ | |
59 | no_msglog_check |