ssl-opt.sh: Configure trusted CA explicitly

Browse source

ssl_client2 and ssl_server2 either allow loading specific CRTs
and CAs from files, or to leave them unspecified, in which case
they're automatically picked from the test certificates.

The test certificates should be chosen in a way that when
not specifying any CRT or CA parameters, the automatically
chosen ones match - but if one of them is specified but not
the other, one should not expect tests to succeed.

With the recent switch to Secp256r1-based test certificates,
the default test certificates have changed, which breaks some
ssl-opt.sh tests which specify the server CRT explicitly but
not the client trusted CAs.

This commit fixes this by specifying the client's trusted CA
explicitly in accordance with the explicitly specified server CRT.

...

This commit is contained in:

Hanno Becker 2019-08-23 17:17:09 +01:00

parent 75bc82702f

commit 843f5bb06c

1 changed files with 142 additions and 72 deletions

Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL

Show stats Download patch file Download diff file Expand all files Collapse all files

214

tests/ssl-opt.sh

View file

File diff suppressed because it is too large Load diff