blob: 05b0c157e8eddf6d29b2c75b7e3979c6f4d6f158 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
|
# OCSP stapling, server, multiple chain-element OCSP
#
#
#
#
exim -z '1: TLS1.2 Server sends good leaf-staple on request, to client requiring RSA auth'
****
#
exim -bd -oX PORT_D -DSERVER=server -DTRUSTED=TLS1.2
****
#
exim -odf -DOPT=rsa -DTRUSTED=TLS1.2 rsa.auth@test.ex
Subject: test
.
****
killdaemon
#
#
exim -z '2: TLS1.3 Server sends good 3-element staple on request, to client requiring RSA auth'
****
#
# Works when the (single) proof file has an ocsp-response with 3 statusses.
# Contrast with with GnuTLS which can do either that or have 3 proof files
# each with one status.
#
exim -bd -oX PORT_D -DSERVER=server -DTRUSTED=TLS1.3
****
exim -odf -DOPT=rsa rsa.auth@test.ex
Subject: test
.
****
killdaemon
#
##
##
#exim -z '3: TLS1.3 Server sends bad nonleaf staple, client detects it'
#****
##
#EXIM_TESTHARNESS_DISABLE_OCSPVALIDITYCHECK=y exim -bd -oX PORT_D -DSERVER=server -DTRUSTED=TLS1.3 -DCONTROL=bad
#****
#exim -odf -DOPT=rsa rsa.auth@test.ex
#Subject: test
#
#.
#****
#killdaemon
##
##
#
#
sudo rm -fr tmp/
no_msglog_check
|
