From 8af4fd7e0f697d9585f013b9664f88d32131b5df Mon Sep 17 00:00:00 2001 From: Jeremy Harris Date: Fri, 28 May 2021 17:33:13 +0100 Subject: Testsuite: use higher-spec certs, for more-recent GnuTLS versions which deprecate weaker ones Needed for GnuTLS 3.6.15 (on Fedora 33) --- test/confs/3720 | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) (limited to 'test/confs/3720') diff --git a/test/confs/3720 b/test/confs/3720 index 74faec2cf..e82c57f03 100644 --- a/test/confs/3720 +++ b/test/confs/3720 @@ -19,10 +19,11 @@ queue_run_in_order trusted_users = CALLER tls_advertise_hosts = * -tls_certificate = DIR/aux-fixed/cert1 +tls_certificate = DIR/aux-fixed/exim-ca/example.com/server1.example.com/server1.example.com.pem +tls_privatekey = DIR/aux-fixed/exim-ca/example.com/server1.example.com/server1.example.com.unlocked.key tls_verify_hosts = * -tls_verify_certificates = DIR/aux-fixed/cert2 +tls_verify_certificates = DIR/aux-fixed/exim-ca/example.org/server2.example.org/ca_chain.pem # ----- ACL ----- @@ -54,7 +55,7 @@ ext_ccert_cn: server_set_id = $auth1 server_debug_print = +++TLS \$auth1="$auth1" - client_send = "Phil Pennock" + client_send = "server2.example.org" # ----- Routers ----- @@ -81,8 +82,10 @@ t1: port = PORT_D hosts_try_fastopen = : allow_localhost - tls_certificate = DIR/aux-fixed/cert2 - tls_verify_certificates = DIR/aux-fixed/cert1 + tls_certificate = DIR/aux-fixed/exim-ca/example.org/server2.example.org/server2.example.org.pem + tls_privatekey = DIR/aux-fixed/exim-ca/example.org/server2.example.org/server2.example.org.unlocked.key + + tls_verify_certificates = DIR/aux-fixed/exim-ca/example.com/server1.example.com/ca_chain.pem tls_verify_cert_hostnames = : hosts_try_auth = * -- cgit v1.2.3