diff options
author | Jeremy Harris <jgh146exb@wizmail.org> | 2022-08-20 16:43:03 +0100 |
---|---|---|
committer | Jeremy Harris <jgh146exb@wizmail.org> | 2022-08-20 18:22:39 +0100 |
commit | 9641b6648d2d2d87e14856f9c3383deb86772757 (patch) | |
tree | bbcc9665596db809d4ced5dd463e72de73e08b3e /test/scripts/1100-Basic-TLS | |
parent | ba47f2909371787b76d213ea012c6b950f9f8080 (diff) |
OpenSSL: fix reload of changed OCSP proof
Diffstat (limited to 'test/scripts/1100-Basic-TLS')
-rw-r--r-- | test/scripts/1100-Basic-TLS/1102 | 19 |
1 files changed, 11 insertions, 8 deletions
diff --git a/test/scripts/1100-Basic-TLS/1102 b/test/scripts/1100-Basic-TLS/1102 index 862d26a6e..285b3be09 100644 --- a/test/scripts/1100-Basic-TLS/1102 +++ b/test/scripts/1100-Basic-TLS/1102 @@ -2,13 +2,14 @@ # # mkdir -p DIR/tmp/certs -cp DIR/aux-fixed/cert1 DIR/tmp/certs/servercert -cp DIR/aux-fixed/cert1 DIR/tmp/certs/serverkey +cp DIR/aux-fixed/exim-ca/example.com/server1.example.com/server1.example.com.pem DIR/tmp/certs/servercert +cp DIR/aux-fixed/exim-ca/example.com/server1.example.com/server1.example.com.unlocked.key DIR/tmp/certs/serverkey +cp DIR/aux-fixed/exim-ca/example.com/server1.example.com/server1.example.com.ocsp.good.resp DIR/tmp/certs/ocsp_proof # #exim -d-all+tls+receive+timestamp -DSERVER=server -bd -oX PORT_D exim -DSERVER=server -bd -oX PORT_D **** -client-anytls 127.0.0.1 PORT_D +client-anytls -ocsp DIR/aux-fixed/exim-ca/example.com/server1.example.com/ca_chain.pem 127.0.0.1 PORT_D ??? 220 EHLO rhu.barb ????250 @@ -24,12 +25,14 @@ QUIT ??? 221 **** sleep 1 -# Now overwrite the cert. key? -cp DIR/aux-fixed/exim-ca/example.com/server1.example.com/server1.example.com.pem DIR/tmp/certs/servercert -cp DIR/aux-fixed/exim-ca/example.com/server1.example.com/server1.example.com.unlocked.key DIR/tmp/certs/serverkey -# The watch mech waits 5 sec after the last trigger, so give that time to expire the send another message +# Now overwrite the cert +# XXX using server2.com fails here, on the ocsp verify. Why? +cp DIR/aux-fixed/exim-ca/example.net/server1.example.net/server1.example.net.pem DIR/tmp/certs/servercert +cp DIR/aux-fixed/exim-ca/example.net/server1.example.net/server1.example.net.unlocked.key DIR/tmp/certs/serverkey +cp DIR/aux-fixed/exim-ca/example.net/server1.example.net/server1.example.net.ocsp.good.resp DIR/tmp/certs/ocsp_proof +# The watch mech waits 5 sec after the last trigger, so give that time to expire then send another message sleep 7 -client-anytls 127.0.0.1 PORT_D +client-anytls -ocsp DIR/aux-fixed/exim-ca/example.net/server1.example.net/ca_chain.pem 127.0.0.1 PORT_D ??? 220 EHLO rhu.barb ????250 |