summaryrefslogtreecommitdiff
path: root/test/aux-fixed/exim-ca
AgeCommit message (Collapse)Author
2017-12-16Testsuite: restore generation of OCSP status for EC certsJeremy Harris
Broken-by: 854586e149
2017-12-16Testsuite: testcase for Bug 2198Jeremy Harris
2017-12-03Testsuite: regen certs trees, now with OCSP response for one EC certJeremy Harris
2017-11-07TLS: support multiple certificate files in server. Bug 2092Jeremy Harris
2017-01-31Testsuite: use certs expring before end of 2037, to avoid GnuTLS top-limit ↵Jeremy Harris
clamp on small-size_t platforms
2016-11-02Testsuite: regen certs, now with additional LetsEncrypt-style OCSP proofsJeremy Harris
2015-12-17DANE: do not override a cert verify failure, in callback. Also fix some ↵Jeremy Harris
test mistakes
2014-10-16Handle certificate dir under GnuTLS, if recent enoughJeremy Harris
Add testcases for certificate directories The GnuTLS implementation has been tested on Fedora 21 (alpha), using GnuTLS 3.3.9. The testsuite case is here but with the script commented-out. When enabled, the log/mail/stdout/stderr files will be created fresh.
2014-08-10Add (2 0 1) testJeremy Harris
2014-04-24Support OCSP Stapling under GnuTLS. Bug 1459Jeremy Harris
Requires GnuTLS version 3.1.3 or later. Under EXPERIMENTAL_OCSP
2013-12-15Increase test CA key sizes from 512 to 1024 to handle TLS1.2 digest sizes.Jeremy Harris
2013-03-25OCSP-stapling enhancement and testing.Jeremy Harris
Server: Honor environment variable as well as running_in_test_harness in permitting bogus staplings Update server tests Add "-ocsp" option to client-ssl. Server side: add verification of stapled status. First cut server-mode ocsp testing. Fix some uninitialized ocsp-related data. Client (new): Verify stapling using only the chain that verified the server cert, not any acceptable chain. Add check for multiple responses in a stapling, which is not handled Refuse verification on expired and revoking staplings. Handle OCSP client refusal on lack of stapling from server. More fixing in client OCSP: use the server cert signing chain to verify the OCSP info. Add transport hosts_require_ocsp option. Log stapling responses. Start on tests for client-side. Testing support: Add CRL generation code and documentation update Initial CA & certificate set for testing. BUGFIX: Once a single OCSP response has been extracted the validation routine return code is no longer about the structure, but the actual returned OCSP status.
generated by cgit v1.2.3 (git 2.39.1) at 2024-10-21 18:42:48 +0000